Difference between revisions of "log connection verification"
From cpwiki.net
(Created page with " Expert@chkpfw2:0]# '''cpstat fw -f log_connection''' <br> Overall Status: 0 Overall Status Description: Security Gateway is reporting logs as defined ...") |
|||
| (2 intermediate revisions by one user not shown) | |||
| Line 12: | Line 12: | ||
|192.168.144.80| 0|Log-Server Connected| | |192.168.144.80| 0|Log-Server Connected| | ||
-------------------------------------------- | -------------------------------------------- | ||
| + | |||
| + | netstat should show established connection to logging management server | ||
| + | |||
| + | [Expert@chkpfw2:0]# '''netstat -an | grep -i "257.*ESTABLISHED"''' | ||
| + | tcp 0 0 192.168.1.3:49571 192.168.1.80:257 ESTABLISHED | ||
| + | |||
| + | fwd restart to re-establish log connections | ||
| + | |||
| + | stop | ||
| + | # cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd" | ||
| + | |||
| + | start | ||
| + | # cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd" | ||
| + | |||
[[category:logging]] | [[category:logging]] | ||
Latest revision as of 13:48, 15 September 2022
Expert@chkpfw2:0]# cpstat fw -f log_connection
Overall Status: 0 Overall Status Description: Security Gateway is reporting logs as defined Local Logging Mode Description: Logs are written to log server Local Logging Mode Status: 0
Log Servers Connections -------------------------------------------- |IP |Status|Status Description | -------------------------------------------- |192.168.144.80| 0|Log-Server Connected| --------------------------------------------
netstat should show established connection to logging management server
[Expert@chkpfw2:0]# netstat -an | grep -i "257.*ESTABLISHED" tcp 0 0 192.168.1.3:49571 192.168.1.80:257 ESTABLISHED
fwd restart to re-establish log connections
stop
# cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"
start
# cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd"
