Solved

Checkpoint - html rule export & log viewer slow down

Posted on 2002-07-03
12
1,222 Views
Last Modified: 2007-12-19
Can anyone tell me how you can export the rule base to an html page?

Also, why if the system is 99% idle, nothing funny going on, would the log  viewer slow down so much that you can't export the log/view it "slow response from server" being the message?
0
Comment
Question by:mattsanford
12 Comments
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 60 total points
ID: 7127089
For the first question on dumping the rules base, see http://www.phoneboy.com/faq/0118.html

For the bit on the speed of the log viewer, this is because the logs are probably very very large.  So, even if the system  is 99% idle CPU wise, the disk may be furiously churning away to read the logs (and the subsystem that does this is not terribly efficient). The solution is to flip the logs so each log file is relatively small.
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 60 total points
ID: 7127149
fwrules, plus perl binaries will do this for you.  fwrulesarchive.zip is on Chris's link above.
In the second instance, log viewer with 4.1 is traditionally slow.  It's one big flat text file, and is slow and cumbersome by nature.
Try logswitching every day, cutting down what actually is allowed to log, and defragging your hard disk.  The file is probably spread all over the place.
You do not get this behaviour with NG - it's a proper database format and whizzes by.
0
 

Author Comment

by:mattsanford
ID: 7127298
Thanks both - the link looks interesting.
Yeah I know the log is cumbersome (to say the least!) but I do logswitch every day (and even wrote a tool to analyse the fipping things) and normally it's ok - export it first then switch it but for some reason it's been dog slow two days running at a time few people are using it...
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 

Expert Comment

by:jbmarzio
ID: 7164641
Have check name resolution, i.e. are you displaying / exporting logs with IP address or names (dns/hosts) ?
0
 

Author Comment

by:mattsanford
ID: 7164691
I'm not 100% sure I follow you - as far as I am aware DNS doesn't come into it? Just IP addresses at least - you create objects in FW1 which get mapped to IP addresses as they pass throught the FW. Other than that it's just IPs that show up if there's no object created for that IP.
0
 

Expert Comment

by:jbmarzio
ID: 7164730
About the log diplay, have you unselected the option of name resolution ? (DNS / Hosts resolution occurs for each line of log else, and incorrect DNS access just produces long time out...)
0
 

Expert Comment

by:jbmarzio
ID: 7164759
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 

Author Comment

by:mattsanford
ID: 7164764
I didn't know that! Thank you. I have taken it off and I will see what happens.... it sounds like that's it though.
0
 

Expert Comment

by:jbmarzio
ID: 7164767
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 

Author Comment

by:mattsanford
ID: 7164989
It looks like it's still freezing. I will reload it soon and try again. I will post the results tomorrow. Thanks again for your help.
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9711624
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts be split between chris_calabrese and tim_holman.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question