Print Download PDF Send Feedback

Previous

Next

usrchk

Description

Controls the UserCheck daemon (usrchkd).

Syntax

usrchk

hits <options>

incidents <options>

debug <options>

Note - You can also enter partial names of the sub-commands and their options.

Parameters

Parameter

Description

No Parameter

Shows the built-in help.

This applies to sub-commands as well.

For example, run just the "usrchk hits" command.

hits <options>

Shows user hits (violations).

The available options are:

 
  • Show user hits:
    • List all existing hits:

      usrchk hits list all

    • Show hits for a specified user:

      usrchk hits list user <UserName>

    • Show hits for a specified interaction object:

      usrchk hits list uci <Name of UserCheck Interaction Object>

 
  • Clear user hits:
    • Clear all existing hits:

      usrchk hits clear all

    • Clear hits for a specified user:

      usrchk hits clear user <UserName>

    • Clear hits for a specified interaction object:

      usrchk hits clear uci <Name of UserCheck Interaction Object>

 
  • Database operations:
    • Reload hits from the database:

      usrchk hits db reload

    • Update hits changes in the database:

      usrchk hits db reload update

incidents <options>

Sends emails to users about incidents.

The available option is:

  • Send emails to users about their expiring email violations:

    usrchk incidents expiring

debug <options>

Controls the debug of the UserCheck daemon.

The available options are:

 
  • Enable the debug:

    usrchk debug on

    Important - After you run this command "usrchk debug on", you must run the command "usrchk debug set ..." to configure the required filter.

    Important - When you enable the debug, it affects the performance of the usrchkd daemon. Make sure to disable the debug after you complete your troubleshooting.

 
  • Disable the debug:

    usrchk debug off

 
  • Filter which debug logs UserCheck writes to the log file based on the specified Debug Topics and Severity:

    usrchk debug set <Topic Name> <Severity>

    The available Debug Topics are:

    • all
    • Check Point Support provides more specific topics, based on the reported issue

    The available Severities are:

    • all
    • critical
    • events
    • important
    • surprise

    Best Practice - We recommend to enable all Topics and all Severities. Run:

    usrchk debug set all all

 
  • Show the UserCheck current debug status:

    usrchk debug stat

 
  • Unset the specified Debug Topic(s):

    usrchk debug unset <Topic Name>

 
  • Reset all debug topics:

    usrchk debug reset

 
  • Rotate the UserCheck log files:

    usrchk debug

 
  • Show the memory consumption by the usrchkd daemon:

    usrchk debug memory

 
  • Show and set the number of indentation spaces in the $FWDIR/log/usrchk.elg file.

    usrchk debug spaces [<0 - 5>]

    You can specify the number of spaces:

    • 0 (this is the default)
    • 1
    • 2
    • 3
    • 4
    • 5

Notes:

27 December 2020
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2020 Check Point Software Technologies Ltd. All rights reserved.