Solved

how to clear  fw log buffer from CheckPoint?

Posted on 2009-05-08
2
2,661 Views
Last Modified: 2013-11-16
my firewall present this error, i need clean the log buffer, we needs put the fw ok..

fw-1: log buffer is full
0
Comment
Question by:Estrateam
2 Comments
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 24343553
You cant clear the buffer bud, it just means that the allocated buffer is not big enough to handle all logs being sent to it.

It may mean an increase in traffic or the fact that your box is starting to creak under the strain.

Common things to do at this stage:

1.  Consider an upgrade to the latest and greatest CP
2.  If you box cannot handle the latest version, get a bigger box

If an upgrade is not on the cards, then have a look at this article

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk39267&js_peid=P-114a7ba5fd7-10001&partition=Public&product=VPN-1

It gives some more info, but personally, I would go down the official line int his case and raise with your support provider, who have more access to the official resources and can advise appropriately.
0
 
LVL 14

Expert Comment

by:grimkin
ID: 24344733
DO you have a separate management server and gateway? If so,  the gateway may be unable to send logs to it and is consequently running out of disk / buffer space whilst logging them locally.

The kernel module maintains a buffer of waiting log messages that it gives to fwd to send to the management module. The buffer is circular, so high levels of logging may cause buffer entries to be overwritten before they can be sent to fwd. When this happens, the system log will display messages indicating that log entries are being lost - check that logs are being sent and also the disk space on the gateway.

If this is not the case, you may need to increase the log buffer size - how to do this depends on your platform and Checkpoint version.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now