Difference between revisions of "log connection verification"

From cpwiki.net
Jump to: navigation, search
Check Point Profressional Services
 
(One intermediate revision by one user not shown)
Line 15: Line 15:
 
netstat should show established connection to logging management server
 
netstat should show established connection to logging management server
  
[Expert@chkpfw2:0]# '''netstat -an | grep -i "257.*ESTABLISHED"'''
+
[Expert@chkpfw2:0]# '''netstat -an | grep -i "257.*ESTABLISHED"'''
tcp        0      0 192.168.1.3:49571        192.168.1.80:257          ESTABLISHED  
+
tcp        0      0 192.168.1.3:49571        192.168.1.80:257          ESTABLISHED  
  
 +
fwd restart to re-establish log connections
  
 +
stop
 +
# cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"
 +
 +
start
 +
# cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd"
  
 
[[category:logging]]
 
[[category:logging]]

Latest revision as of 13:48, 15 September 2022

Expert@chkpfw2:0]# cpstat fw -f log_connection

Overall Status: 0 Overall Status Description: Security Gateway is reporting logs as defined Local Logging Mode Description: Logs are written to log server Local Logging Mode Status: 0

Log Servers Connections -------------------------------------------- |IP |Status|Status Description | -------------------------------------------- |192.168.144.80| 0|Log-Server Connected| --------------------------------------------

netstat should show established connection to logging management server

[Expert@chkpfw2:0]# netstat -an | grep -i "257.*ESTABLISHED"
tcp        0      0 192.168.1.3:49571         192.168.1.80:257          ESTABLISHED 

fwd restart to re-establish log connections

stop

# cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"

start

# cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd"