ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Checkpoint Firewall does not send logs to the management station
Article ID: 168087
Updated On:
Products
XOS
Issue/Introduction
Checkpoint Firewall does not send logs to the management stationThis article describes a workaround for an issue in which a firewall module stops logging to the management server.
Cause
To work around an issue in which a Check Point firewall module stops logging to the management server.
Resolution
Please contact Check Point support to get a definitive solution for this issue.
Note: You may need to perform some fwd debug to determine why the firewall cannot send logs to the log server.
Workaround
To Restart Logging to the Check Point Management Server
Note: This workaround assumes that you have verified that fwd process is running and that it is possible to ping the log server.If a firewall module stops logging to the management server, and will not resume logging, do the following.
1. Define a dummy logserver object, update the module to use this dummy object under the "Logging Servers" section of the fw/cluster object, and push policy.
2. Reset the module to log to the original logserver object and push policy again.
This should trigger the firewall to start logging to the management station. This workaround is much less intrusive than doing a cpstop/cpstart.
Feedback
Yes
No
Powered by
