CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Results 1 to 2 of 2

Thread: How to view Cisco Firewall logs in Smart View Tracker

  1. #1
    Join Date
    2012-12-20
    Posts
    2
    Rep Power
    0

    Default How to view Cisco Firewall logs in Smart View Tracker

    Hi Folks,

    I am working in a enterprise environment comprising of Security products from Different Vendors like Cisco, Checkpoint. As in the case of Cisco, one finds it very tedious to check logs and make conclusions out of it. This is where Checkpoint scores over Cisco when it comes to Log Analyzing and Tracker.

    So here is a situation.

    1. I have a Cisco FWSM integrated with 6509 L3 Switch. Ihe logs of this Firewall, i need to view in Checkpoint Smartview Tracker. Right now the logs from this FWSM are getting stored onto a Kiwi Syslog Server which is installed on a Windows XP Box. Storage is not an issue. I have 500GB space on this XP Box.

    2. I have a Checkpoint VSX 9090 with MDS version R75.10 and NGX R67 Gateways. Now i want to know how can i see the logs that are getting stored on the KIWI Syslog Server in a GUI format provisioned by SmartView Tracker Window in MDS.

    I have license to create a new CMA if need be, maybe an additional Domain too.

    But all i need is to see the FWSM logs in Tracker Window.

  2. #2
    Join Date
    2007-06-04
    Posts
    3,314
    Rep Power
    18

    Default Re: How to view Cisco Firewall logs in Smart View Tracker

    You won't, as Smartview Tracker doesn't look at external log files only it's own log file.

    What you can do however is on the Check Point object representing your CMA/Log Server move to Additional Logging and then enable the Accept Syslog messages. I think will get away with just doing a Policy Install Database to the Log Server object

    The Syslog messages then need to be forwarded to the Check Point CMA/Log Server. It won't look at the log file on the Kiwi Syslog server. Wether you get the Kiwi Syslog Server to forward them or have the FWSM send directly is down to what you want to do.

Similar Threads

  1. Smart View Tracker
    By sudhirnayakk in forum SmartView Monitor
    Replies: 2
    Last Post: 2009-01-28, 01:31
  2. No Logs are coming in Smart View Tracker from One of the Gateway.
    By rajender in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 1
    Last Post: 2008-12-16, 12:58
  3. error in smart view tracker
    By mylove142 in forum SmartView Monitor
    Replies: 2
    Last Post: 2007-05-26, 01:32
  4. Smart View Tracker
    By Joe T in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 6
    Last Post: 2006-11-16, 11:57
  5. Can't view logs older than 2 days in SmartView Tracker
    By Degsy in forum SmartView Tracker
    Replies: 3
    Last Post: 2006-10-20, 19:18

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •