Difference between revisions of "log connection verification"
From cpwiki.net
(One intermediate revision by one user not shown) | |||
Line 15: | Line 15: | ||
netstat should show established connection to logging management server | netstat should show established connection to logging management server | ||
− | [Expert@chkpfw2:0]# '''netstat -an | grep -i "257.*ESTABLISHED"''' | + | [Expert@chkpfw2:0]# '''netstat -an | grep -i "257.*ESTABLISHED"''' |
− | tcp 0 0 192.168.1.3:49571 192.168.1.80:257 ESTABLISHED | + | tcp 0 0 192.168.1.3:49571 192.168.1.80:257 ESTABLISHED |
+ | fwd restart to re-establish log connections | ||
+ | stop | ||
+ | # cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd" | ||
+ | |||
+ | start | ||
+ | # cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd" | ||
[[category:logging]] | [[category:logging]] |
Latest revision as of 13:48, 15 September 2022
Expert@chkpfw2:0]# cpstat fw -f log_connection
Overall Status: 0 Overall Status Description: Security Gateway is reporting logs as defined Local Logging Mode Description: Logs are written to log server Local Logging Mode Status: 0
Log Servers Connections -------------------------------------------- |IP |Status|Status Description | -------------------------------------------- |192.168.144.80| 0|Log-Server Connected| --------------------------------------------
netstat should show established connection to logging management server
[Expert@chkpfw2:0]# netstat -an | grep -i "257.*ESTABLISHED" tcp 0 0 192.168.1.3:49571 192.168.1.80:257 ESTABLISHED
fwd restart to re-establish log connections
stop
# cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"
start
# cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd"