 | ||
 primary firewall logs not showing | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2008-05-05 | |||
| |||
 primary firewall logs not showing I have primary and secondary splat firewall , in smartview tracker( origin) only secondary firewall log showing . if i filter with primary firewall no logs showing i have configure cluster splat I any one help with this Regards d31jan  |
| 2008-05-31 | |||
| |||
| Re: primary firewall logs not showing surprisingly I have the same problem here. Well, the firewall modules are Nokias not Splat. I'll spent some time to analyse it. If I cant get the cause, I'll reboot the module. What happend with your problem, d31jan? |
| 2008-06-01 | |||
| |||
| Re: primary firewall logs not showing Assuming this is NGX R65? Some things to check; 1) Run the following on the firewall: fw monitor –e accept ‘sport=257 or dport=257;’ You should see traffic being sent from this firewall to the logger 2) On the firewall drop down to $FWDIR/log . then type: ls –l fw.log and then type the same command several seconds later. Did the file size increase ? 3) on the firewall; run the command "fw ctl zdebug + drop" and see if you see anything dropped? 4) We had also experienced this on one of our clusters (Nokia NGXR65), and in one case rebooting the firewall fixed the issue. in another case, we flipped to the secondary firewall which was logging and after couple of days the primary started logging on its own. cpinfo and other debug information provided to Checkpoint was not conclusive. |
| 2008-06-05 | |||
| |||
| Re: primary firewall logs not showing well after setting the fwd into debug mode, I found this in the fwd.elg: Code: sendLogs: Conn ID=76, Last Seq=2147483610, New Seq=-2099273116 sendLogs: Fatal error, Conn ID=76, Last Seq=2147483610, New Seq=-2099273116, Bad new Seq After a quick reboot, the new Seq had no minus in front and the logfiles were sent again to the logserver. This Nokia module had the longest run of all with an uptime of 230 days. If no reboot comes across, I'll keep an eye on the other modules.... ;-) |
| 2008-06-05 | |||
| |||
| Re: primary firewall logs not showing We had the same issue about 4 weeks ago on a SPLAT R65 HFA1 ClusterXL box. The server was up for about 190 days straight and suddenly stopped logging. We have about 3-4 GB of log files per day on our log server for this cluster. We were not able to make out a culprit responsible for this behavior, so we simply rebooted the box and that solved the issue. I only noticed before the reboot that the server had "only" about 1 GB of free real memory from 4 GB left. This value diminished slowly as the months passed. I still don't know what exactly went wrong, but I guess it is the same issue that you guys encountered. |
| 2008-06-09 | |||
| |||
| Re: primary firewall logs not showing Dear , I am using SPLAT ( R60 cluster) This problem was due to SIC communcation fail , Communcation was stop between Managament server and Enforcement module , due this primary firewall stop and secondary was activate Solution 1 Both are in cluster mode I make secondary as Primary and Primary to secondary Restart the Primary firewall and then revert backup to same Log start generating , but still i have communcation problem Regards |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
