?
Solved

Checkpoint - html rule export & log viewer slow down

Posted on 2002-07-03
12
Medium Priority
?
1,232 Views
Last Modified: 2007-12-19
Can anyone tell me how you can export the rule base to an html page?

Also, why if the system is 99% idle, nothing funny going on, would the log  viewer slow down so much that you can't export the log/view it "slow response from server" being the message?
0
Comment
Question by:mattsanford
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 240 total points
ID: 7127089
For the first question on dumping the rules base, see http://www.phoneboy.com/faq/0118.html

For the bit on the speed of the log viewer, this is because the logs are probably very very large.  So, even if the system  is 99% idle CPU wise, the disk may be furiously churning away to read the logs (and the subsystem that does this is not terribly efficient). The solution is to flip the logs so each log file is relatively small.
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 240 total points
ID: 7127149
fwrules, plus perl binaries will do this for you.  fwrulesarchive.zip is on Chris's link above.
In the second instance, log viewer with 4.1 is traditionally slow.  It's one big flat text file, and is slow and cumbersome by nature.
Try logswitching every day, cutting down what actually is allowed to log, and defragging your hard disk.  The file is probably spread all over the place.
You do not get this behaviour with NG - it's a proper database format and whizzes by.
0
 

Author Comment

by:mattsanford
ID: 7127298
Thanks both - the link looks interesting.
Yeah I know the log is cumbersome (to say the least!) but I do logswitch every day (and even wrote a tool to analyse the fipping things) and normally it's ok - export it first then switch it but for some reason it's been dog slow two days running at a time few people are using it...
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 

Expert Comment

by:jbmarzio
ID: 7164641
Have check name resolution, i.e. are you displaying / exporting logs with IP address or names (dns/hosts) ?
0
 

Author Comment

by:mattsanford
ID: 7164691
I'm not 100% sure I follow you - as far as I am aware DNS doesn't come into it? Just IP addresses at least - you create objects in FW1 which get mapped to IP addresses as they pass throught the FW. Other than that it's just IPs that show up if there's no object created for that IP.
0
 

Expert Comment

by:jbmarzio
ID: 7164730
About the log diplay, have you unselected the option of name resolution ? (DNS / Hosts resolution occurs for each line of log else, and incorrect DNS access just produces long time out...)
0
 

Expert Comment

by:jbmarzio
ID: 7164759
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 

Author Comment

by:mattsanford
ID: 7164764
I didn't know that! Thank you. I have taken it off and I will see what happens.... it sounds like that's it though.
0
 

Expert Comment

by:jbmarzio
ID: 7164767
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 

Author Comment

by:mattsanford
ID: 7164989
It looks like it's still freezing. I will reload it soon and try again. I will post the results tomorrow. Thanks again for your help.
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9711624
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts be split between chris_calabrese and tim_holman.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question