 | ||
 Slow Logging to Sec Mgmt Server | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2007-11-12 | |||
| |||
 Slow Logging to Sec Mgmt Server Hi All, Current Setup: 172.16.12.113/24: Pri Smartcenter 172.16.12.114/24: Sec Smartcenter Logging setup: Send to master, Pri, if unreachable, send to sec A few things i need to clarify: 1) Is the promotion/demotion of the scs "manual"? In the active(pri) scs, change to standby, then login to the standby(sec) then change to active. Have done a mgmt ha setup during my checkpoint course days, but thats like almost a yr ago, cant remember and havent done any mgmt ha since then.. lol 2) If i unplug the pri scs, the logs take like 15mins to go to the sec scs.. I tried doing a dump on the sec scs and kept seeing logs coming in, but going to the pri ip address.. soo strange... and the thing is that, for the log to "swing" to the sec, it takes 15mins.... then i can see it on the tracker in sec scs... but if i replug in the pri, logs are up almost immediately.... Can anyone help with my queries? Thanks alot in advance..  |
| 2007-11-13 | |||
| |||
| Re: Slow Logging to Sec Mgmt Server Hi All, On Issue #2, i have resloved it already, what happened was that there were 4 firewall clusters managed by the smartcenter, 2 of them had the updated log server config "when unreachable, send logs to sec scs", coz they had some maintenance done on them, apprantly not the other 2, i happened to check on fw stat and founf the policy installed some weeks back.. after i install(reupdated) the policy, everthing works fine and fast... lol |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
