Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
peter_schumache
Collaborator

How to filter syslog messages in Smartlog

I configured my gateway to send its syslog messages to the SmartCenter Server according to sk102995.

 

To view the syslog messages in Smrtview Tracker, is says:

"In SmartView Tracker log, the informational field will should show "...system daemons syslog_severity..."

There is no way to define a query (in R80.20) for the "informational" Field. There is a field "Information", but again, no query available.

What did I miss?

0 Kudos
3 Replies
FedericoMeiners
Advisor

How did you set this up? It seems that you made it the old way

On GWs R80.X you can go to the System Logging (Gateway, not management) section on the web user interface, once there you will find a check box to send syslog messages to the management server. Page 190 from admin guide:

https://dl3.checkpoint.com/paid/8d/8dbd7585030bbad76a1e65c3b458f74c/CP_R80.10_Gaia_AdminGuide.pdf?Ha...

After doing this try some failed and valid log ins to the configured gateway check the logs.

Hope it helps!

___

 

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
peter_schumache
Collaborator

I did it the new way, saying "send syslogs to SmartCenter".

The problem lies in prooving it. How can I display in Smartlog ONLY the messages from syslog?

0 Kudos
D_W
Advisor

Try to add "blade:syslog" in the query.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events