CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 2 of 2

Thread: Difference in SmartView Tracker log and Capture log..

  1. #1
    Join Date
    2011-10-03
    Posts
    76
    Rep Power
    8

    Default Difference in SmartView Tracker log and Capture log..

    Hi,

    This is very basic question, but require some concrete info..
    I just want to know the difference between SmartView tracker logs and Capture logs which is taken by FW monitor & Tcpdump command.

    Because sometime traffic capturing using theses commands are not shown in smartview tracker, so confusing that traffic passing through the firewall on not..??


    Thanx...
    Thanx
    Arjun

  2. #2
    Join Date
    2006-01-25
    Location
    Americas
    Posts
    1,535
    Rep Power
    15

    Default Re: Difference in SmartView Tracker log and Capture log..

    Tracker typically only show one "session" of an event.

    Capture logs will show the TCP handshake and any additional streaming packets associated with the session.

    A good example is if you SSH into the firewall, tracker will only have one line item whereas an fw monitor will constantly be showing the back and forth TCP communication. The caveat is if you're using SecureXL (aka Performance Pack) to accelerate traffic--if you are, then the difference is that the fw monitor may not show the back and forth TCP communication, only the initial handshake.

    HTH
    Its all in the documentation.

Similar Threads

  1. Smartview Tracker not received log
    By indera in forum SmartView Tracker
    Replies: 4
    Last Post: 2010-09-21, 04:02
  2. SmartView Tracker Log Consolidation
    By Maybedave in forum SmartDashboard
    Replies: 0
    Last Post: 2010-06-01, 11:08
  3. Delete old log-files in SmartView Tracker?
    By AllanKjśr in forum Check Point SecurePlatform (SPLAT)
    Replies: 4
    Last Post: 2008-12-09, 07:10
  4. SmartView Tracker log export error!!
    By doccocaubai in forum SmartView Tracker
    Replies: 7
    Last Post: 2008-05-22, 13:37
  5. SmartView Tracker log behind by 2 hours
    By godonga in forum SmartView Tracker
    Replies: 1
    Last Post: 2007-09-11, 11:32

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •