Hi Team, My name is Marcos and I would like to find the most efficient way to analyze the drops recorded at the CheckPoint logs (SmartLog R77.30). This way I can identify if there are valid communications that need to be allowed in our network or if we may need to contact the source of these drops to stop sending not permitted packets.
I hope someone can help me with the appropriate tool/knowledge to perform this task.
Something interesting could be to find the way to sort these drops based on source/destination IP address, the number of times they are hitting the firewall...
Thanks for your help in advance.