Issue/Introduction:
Checkpoint Firewall does not send logs to the management stationThis article describes a workaround for an issue in which a firewall module stops logging to the management server.
Cause:
To work around an issue in which a Check Point firewall module stops logging to the management server.
Resolution:
Please contact Check Point support to get a definitive solution for this issue.
Note: You may need to perform some fwd debug to determine why the firewall cannot send logs to the log server.
Workaround
To Restart Logging to the Check Point Management Server
Note: This workaround assumes that you have verified that
fwd process is running and that it is possible to ping the log server.
If a firewall module stops logging to the management server, and will not resume logging, do the following.
1. Define a dummy
logserver object, update the module to use this dummy object under the "Logging Servers" section of the
fw/cluster object, and push policy.
2. Reset the module to log to the original
logserver object and push policy again.
This should trigger the firewall to start logging to the management station. This workaround is much less intrusive than doing a
cpstop/cpstart.