Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1238
  • Last Modified:

Checkpoint - html rule export & log viewer slow down

Can anyone tell me how you can export the rule base to an html page?

Also, why if the system is 99% idle, nothing funny going on, would the log  viewer slow down so much that you can't export the log/view it "slow response from server" being the message?
0
mattsanford
Asked:
mattsanford
2 Solutions
 
chris_calabreseCommented:
For the first question on dumping the rules base, see http://www.phoneboy.com/faq/0118.html

For the bit on the speed of the log viewer, this is because the logs are probably very very large.  So, even if the system  is 99% idle CPU wise, the disk may be furiously churning away to read the logs (and the subsystem that does this is not terribly efficient). The solution is to flip the logs so each log file is relatively small.
0
 
Tim HolmanCommented:
fwrules, plus perl binaries will do this for you.  fwrulesarchive.zip is on Chris's link above.
In the second instance, log viewer with 4.1 is traditionally slow.  It's one big flat text file, and is slow and cumbersome by nature.
Try logswitching every day, cutting down what actually is allowed to log, and defragging your hard disk.  The file is probably spread all over the place.
You do not get this behaviour with NG - it's a proper database format and whizzes by.
0
 
mattsanfordAuthor Commented:
Thanks both - the link looks interesting.
Yeah I know the log is cumbersome (to say the least!) but I do logswitch every day (and even wrote a tool to analyse the fipping things) and normally it's ok - export it first then switch it but for some reason it's been dog slow two days running at a time few people are using it...
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
jbmarzioCommented:
Have check name resolution, i.e. are you displaying / exporting logs with IP address or names (dns/hosts) ?
0
 
mattsanfordAuthor Commented:
I'm not 100% sure I follow you - as far as I am aware DNS doesn't come into it? Just IP addresses at least - you create objects in FW1 which get mapped to IP addresses as they pass throught the FW. Other than that it's just IPs that show up if there's no object created for that IP.
0
 
jbmarzioCommented:
About the log diplay, have you unselected the option of name resolution ? (DNS / Hosts resolution occurs for each line of log else, and incorrect DNS access just produces long time out...)
0
 
jbmarzioCommented:
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 
mattsanfordAuthor Commented:
I didn't know that! Thank you. I have taken it off and I will see what happens.... it sounds like that's it though.
0
 
jbmarzioCommented:
excuse me for posting twice.
No, You use Name to IP mapping in your policy, but unknown IP may been resolved (from the management) by DNS resolution. With a NG version, try in the menu Tools entry "Resolve Addresses". On 4.1 version, look in selection / Options, box Name Resolution....
Hope this helps...
0
 
mattsanfordAuthor Commented:
It looks like it's still freezing. I will reload it soon and try again. I will post the results tomorrow. Thanks again for your help.
0
 
zenlion420Commented:
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts be split between chris_calabrese and tim_holman.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now