Solved

Checkpoint - html rule export & log viewer slow down

Posted on 2002-07-03
12
1,220 Views
Last Modified: 2007-12-19
Can anyone tell me how you can export the rule base to an html page?

Also, why if the system is 99% idle, nothing funny going on, would the log  viewer slow down so much that you can't export the log/view it "slow response from server" being the message?
0
Comment
Question by:mattsanford
12 Comments
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 60 total points
ID: 7127089
For the first question on dumping the rules base, see http://www.phoneboy.com/faq/0118.html

For the bit on the speed of the log viewer, this is because the logs are probably very very large.  So, even if the system  is 99% idle CPU wise, the disk may be furiously churning away to read the logs (and the subsystem that does this is not terribly efficient). The solution is to flip the logs so each log file is relatively small.
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 60 total points
ID: 7127149
fwrules, plus perl binaries will do this for you.  fwrulesarchive.zip is on Chris's link above.
In the second instance, log viewer with 4.1 is traditionally slow.  It's one big flat text file, and is slow and cumbersome by nature.
Try logswitching every day, cutting down what actually is allowed to log, and defragging your hard disk.  The file is probably spread all over the place.
You do not get this behaviour with NG - it's a proper database format and whizzes by.
0
 

Author Comment

by:mattsanford
ID: 7127298
Thanks both - the link looks interesting.
Yeah I know the log is cumbersome (to say the least!) but I do logswitch every day (and even wrote a tool to analyse the fipping things) and normally it's ok - export it first then switch it but for some reason it's been dog slow two days running at a time few people are using it...
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Expert Comment

by:jbmarzio
ID: 7164641
Have check name resolution, i.e. are you displaying / exporting logs with IP address or names (dns/hosts) ?
0
 

Author Comment

by:mattsanford
ID: 7164691
I'm not 100% sure I follow you - as far as I am aware DNS doesn't come into it? Just IP addresses at least - you create objects in FW1 which get mapped to IP addresses as they pass throught the FW. Other than that it's just IPs that show up if there's no object created for that IP.
0
 

Expert Comment

by:jbmarzio
ID: 7164730
About the log diplay, have you unselected the option of name resolution ? (DNS / Hosts resolution occurs for each line of log else, and incorrect DNS access just produces long time out...)
0
 

Expert Comment

by:jbmarzio
ID: 7164759
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 

Author Comment

by:mattsanford
ID: 7164764
I didn't know that! Thank you. I have taken it off and I will see what happens.... it sounds like that's it though.
0
 

Expert Comment

by:jbmarzio
ID: 7164767
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 

Author Comment

by:mattsanford
ID: 7164989
It looks like it's still freezing. I will reload it soon and try again. I will post the results tomorrow. Thanks again for your help.
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9711624
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts be split between chris_calabrese and tim_holman.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Gmail Account risks 4 91
Sonicwall blocks a site 49 78
Need to build some security groups for Intune, o365 2 57
Review of a VPN cert policy 4 28
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
As technology users and professionals, we’re always learning. Our universal interest in advancing our knowledge of the trade is unmatched by most industries. It’s a curiosity that makes sense, given the climate of change. Within that, there lies a…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question