Create a Post
Tommy_Forrest
Advisor

[AWS] - Auto scaling groups and logging

Our environment:

MDS - R81 JHT23
Dedicated MLM/CLM - R81 JHT23
Cloudguard Gateways in AWS - R80.40 / Autoscaling / GWLB

I have observed that when AWS provisions a gateway, the CME does all of its work beautifully.  It brings the gateway into the respective CMA, provisions it and brings it into production.  And we're using auto-configuration scripts to setup all the base configuration stuff (passwords, snmp, ntp, so-on-and-so-forth).  It all works great!

But.  The CME appears to miss one step - installing database after the new gateways are online.

When a new gateway comes on line, it seems to be logging that data to the correct CLM.  But any searches on the logs for traffic a given AWS gateway is transiting returns nothing until I do a manual database install.  I tried using specific source/destination IP's and even using the origin of the gateway in question to do searches.  Nadda until the database is installed.  Then it works great.

Any chance that can get investigated?  Please?  With a side of Direct Connect on top?

In my happy little world, that's something the CME process should take care of.

 

0 Kudos
2 Replies
Roman_Kats
Employee
Employee

Hello @Tommy_Forrest,
Described configuration should work without installing DB
Do you have a SR opened for this issue?
If not I suggest to open SR and share it with me over private massage
In the SR please attach logs gathered by the CME Log Collector (see https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Default.htm?cshid=ID011 (This link was edited by Check Point on 19 Dec 2021))

Thanks,
Roman

0 Kudos
Tommy_Forrest
Advisor

Updating this thread in case anyone finds this in a web search - R&D did discover that install database wasn't getting done and they're looking into fixing CME to address this issue in a future release.

0 Kudos