?
Solved

Checking point 4.1 log files

Posted on 2001-08-23
9
Medium Priority
?
226 Views
Last Modified: 2013-11-16
I use Checkpoint 4.1 in WinNT
I found that the fw log grow very fast.
it make the log view slow...
Can i create new log file for every day.?


0
Comment
Question by:nba
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 3

Accepted Solution

by:
Bruce_R earned 800 total points
ID: 6416868
there's a command called "fw logswitch" it creates new log files and saves the old one with a date stamp.

All you need to do is set this up as a scheduled task. On NT this would be done with the AT command. On Unix you couls set it up as a cron job.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6428022
there was a little script in the SysAdnmin magazine, june 2001 http://www.sysadminmag.com/articles/2001/0108/
Not shure if this is what you need.
0
 
LVL 3

Expert Comment

by:foad
ID: 6448243
here is a script you can use, just use notepad, and save as a .bat

e:
cd\fw1\bin
fw logswitch

e: being whatever drive you have fw1 on.. then like i said just save as a .bat.. double click it and it will run for you switching the log...

also if you know how to use at commands you can run this automatically

Al
0
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

 
LVL 23

Expert Comment

by:Tim Holman
ID: 6513225
In the rulebase, put in anti-logging rules for broadcast traffic - that is, an additional rule for broadcast services with the logging section kept empty.
You may also want to stop logging internal NetBIOS traffic that hits your firewall, plus routing protocols.
That way, at least your logs are full of relevant stuff !!
0
 

Expert Comment

by:paulof
ID: 6638153
hi,

- use the "fw logswitch" command and schedule it
- also opent he log viewer -> select options -> and uncheck resolve addresses.

This will turn off the dns on each rule

Cheers
0
 
LVL 1

Expert Comment

by:Computer101
ID: 6743069
Hello all,
I am Computer101, a moderator from Experts-Exchange and also an expert within this topic area. This question has been open a long time.  What I am going to do is allow feedback from the questioner and experts.  If it is not resolved, I will delete or accept an answer based on the info I have been given, Experts, feel free to offer input.  I will monitor these questions for a period of 5-7 days and come back and evaluate.  I will have another moderator (who is also an expert in this topic area) look at the question also to ensure we do the right thing for this question.

Thank you
Computer101
Community Support Moderator
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6821715
Have you been helped here so you can accept to grade and close, or is more needed?

For special handling help, please post zero point question with question link (URL) here:
http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt

Expert recommendations always welcome, if no response from Asker.

Moondancer
EE Moderator
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6842508
Question(s) below appears to have been abandoned. Your options are:
 
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you. You must tell the participants why you wish to do this, and allow for Expert response.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question. Again, please comment to advise the other participants why you wish to do this.

For special handling needs, please post a zero point question in the link below and include the question QID/link(s) that it regards.
http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
 
Please click the Help Desk link on the left for Member Guidelines, Member Agreement and the Question/Answer process.  Click you Member Profile to view your question history and keep them all current with updates as the collaboration effort continues, in the event new items have been created since this listing was pulled.

http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp

To view your open questions, please click the following link(s) and keep them all current with updates.
http://www.experts-exchange.com/questions/Q.20150971.html
http://www.experts-exchange.com/questions/Q.20146220.html
http://www.experts-exchange.com/questions/Q.20151989.html
http://www.experts-exchange.com/questions/Q.20160043.html
http://www.experts-exchange.com/questions/Q.20183375.html
http://www.experts-exchange.com/questions/Q.20187562.html
http://www.experts-exchange.com/questions/Q.20161342.html
http://www.experts-exchange.com/questions/Q.20194993.html


To view your locked questions, please click the following link(s) and evaluate the proposed answer.
http://www.experts-exchange.com/questions/Q.11348677.html
http://www.experts-exchange.com/questions/Q.11427858.html
http://www.experts-exchange.com/questions/Q.20172707.html
http://www.experts-exchange.com/questions/Q.11494399.html
http://www.experts-exchange.com/questions/Q.11487458.html

PLEASE DO NOT AWARD THE POINTS TO ME.  
 
------------>  EXPERTS:  Please leave any comments regarding this question here on closing recommendations if this item remains inactive another three days.
 
Thank you everyone.
 
Moondancer
Moderator @ Experts Exchange


P.S.  For any year 2000 questions, special attention is needed to ensure the first correct response is awarded, since they are not in the comment date order, but rather in Member ID order.
0
 
LVL 5

Expert Comment

by:Netminder
ID: 6892506
Force-accepted by
Netminder
CS Moderator
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
Check out the latest tech news, community articles, and expert highlights in August's newsletter.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month10 days, 23 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question