Solved

how to clear  fw log buffer from CheckPoint?

Posted on 2009-05-08
2
2,704 Views
Last Modified: 2013-11-16
my firewall present this error, i need clean the log buffer, we needs put the fw ok..

fw-1: log buffer is full
0
Comment
Question by:Estrateam
2 Comments
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 24343553
You cant clear the buffer bud, it just means that the allocated buffer is not big enough to handle all logs being sent to it.

It may mean an increase in traffic or the fact that your box is starting to creak under the strain.

Common things to do at this stage:

1.  Consider an upgrade to the latest and greatest CP
2.  If you box cannot handle the latest version, get a bigger box

If an upgrade is not on the cards, then have a look at this article

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk39267&js_peid=P-114a7ba5fd7-10001&partition=Public&product=VPN-1

It gives some more info, but personally, I would go down the official line int his case and raise with your support provider, who have more access to the official resources and can advise appropriately.
0
 
LVL 14

Expert Comment

by:grimkin
ID: 24344733
DO you have a separate management server and gateway? If so,  the gateway may be unable to send logs to it and is consequently running out of disk / buffer space whilst logging them locally.

The kernel module maintains a buffer of waiting log messages that it gives to fwd to send to the management module. The buffer is circular, so high levels of logging may cause buffer entries to be overwritten before they can be sent to fwd. When this happens, the system log will display messages indicating that log entries are being lost - check that logs are being sent and also the disk space on the gateway.

If this is not the case, you may need to increase the log buffer size - how to do this depends on your platform and Checkpoint version.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Possibility of Outlook running on Linux 6 171
The endless cat and mouse game of fail2ban 4 119
Spam mails from a compromised internal computer 5 91
ipsec tunnel comme not up 10 101
Have you ever tried to find someone you know on Facebook and searched to find more than one result with the same picture? Perhaps someone you know has told you that they have a 'facebook stalker' or someone who is 'posing as them' online and ta…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question