CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


I'd like to thank everyone involved for making "The CPUG Challenge" a great success.
We helped a lot of people see and learn a bit more about R80.10, while having some fun.
We will be using this success to try and bring more events to more locations soon. -E

 

Results 1 to 3 of 3

Thread: Export IPS Logging settings

  1. #1
    Join Date
    2012-08-16
    Posts
    161
    Rep Power
    6

    Default Export IPS Logging settings

    Hi all, just wondering if anyone knows of a way to do a bulk export of the Logging Settings - Log, Alert, User Defined etc. all at once with an IPS export. We have user defined actions in our Logs and Alerts but would like to replace one with the automatic SAM block from sk110873 and just want to make sure we do not run into unintended blocks.

    Is there a way to accomplish this?

    Thanks.

  2. #2
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,033
    Rep Power
    12

    Default Re: Export IPS Logging settings

    Quote Originally Posted by aweldon View Post
    Hi all, just wondering if anyone knows of a way to do a bulk export of the Logging Settings - Log, Alert, User Defined etc. all at once with an IPS export. We have user defined actions in our Logs and Alerts but would like to replace one with the automatic SAM block from sk110873 and just want to make sure we do not run into unintended blocks.

    Is there a way to accomplish this?

    Thanks.
    It looks like the IPS->Protections->View->Export View function in the R77.30 SmartDashboard and R80 SmartConsole does not include the Log field for IPS Protections exported to CSV. However check out the ips_export_import tool (sk65627) which will dump a tar file export of an IPS Profile. After unzipping the tar file check out the ips_protections_per_profile.C file which may have what you need. The ips_export_import tool definitely works on a R77.30 SMS, but when I tried it on a R80.10 management server it dumped core so I take it this tool is not supported in R80.10, possibly not in R80 either. :-)
    Last edited by ShadowPeak.com; 2017-03-28 at 16:33.
    --
    My book "Max Power: Check Point Firewall Performance Optimization"
    now available via http://maxpowerfirewalls.com.

  3. #3
    Join Date
    2012-08-16
    Posts
    161
    Rep Power
    6

    Default Re: Export IPS Logging settings

    Thanks for the suggestion. Just exported the file and extracted it. I went looking for two protections that I know are setup to send an email (user defined) but, once locating them in the file there is no :track attribute defined for them.

Similar Threads

  1. ESP and AH Settings in Checkpoint
    By Keshavraikot in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 6
    Last Post: 2014-10-02, 21:54
  2. MTU settings
    By achauhan1976 in forum Miscellaneous
    Replies: 3
    Last Post: 2010-08-19, 10:57
  3. Logging and Status Blade in R70.20 now does Identity Logging
    By PhoneBoy in forum Security Management Server (Formerly SmartCenter Server ((Formerly Management Server))
    Replies: 7
    Last Post: 2010-04-05, 16:06
  4. VPN-1 Edge Export Settings = [700002] object not found
    By roveer in forum Check Point UTM-1 Edge Appliances
    Replies: 9
    Last Post: 2008-06-11, 10:34
  5. U.S. govt new DST settings.
    By dew1902 in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 1
    Last Post: 2007-02-12, 13:59

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •