Who rated this post

My experience using $MDS_FWDIR/scripts/migrate_server export with -l or -x is very poor. I have had some scenarios where customers want to export with logs, which has never worked for me. Even when reducing their log size to the past five days, the amount of storage is too vast for the script to handle. The script has a built-in timeout of two hours (I think it used to be shorter?), and if you have any half-decent amount of logs, you end up at the timeout before it's able to complete. I posted about how the gzip process is single-threaded and will knock its head into a brick wall when trying to compress if you are lucky enough to get to the stage where it tries to compress all the logs.

https://community.checkpoint.com/t5/Management/MDS-FWDIR-scripts-migrate-server-export-with-logs-and...

I'm unsure if the script has been updated since I tried this, but I doubt it has. You also have to remember that the logging format changed from R80.xx to R81.xx. Unless something changed recently, you could not apply -x when doing export on R80.xx management when your output is R81.xx.

The easiest way to move logs, in my experience, is to create your new management on a new host and transfer your Gaia configuration and the database ($MDS_FWDIR/scripts/migrate_server export -v R81.xx). Replicate your Gaia configuration on the new host and import the database. And when your new host is successfully running, change the IP on the old management host and transfer the logs you want to move over directly using SCP. You can dump *.log files from $FWDIR/log on the old management over to $FWDIR/log on the new management, do a reboot or a cpstop && cpstart after the transfer is complete, and the log indexing should start indexing based on the logs files you transferred. And for older logs that are not getting indexed you can open manually in Smart Console by pointing to the specific *.log file manually.