Description
Fetches the specified Security log files ($FWDIR/log/*.log*
) or Audit log files ($FWDIR/log/*.adtlog*
) from the specified Check Point computer.
Syntax
fw [-d] fetchlogs [-f <Name of Log File 1>] [-f <Name of Log File 2>]... [-f <Name of Log File N>] <Target> |
Parameters
Parameter |
Description |
---|---|
|
Runs the command in debug mode. Use only if you troubleshoot the command itself. |
|
Specifies the name of the log file to fetch. Need to specify name only. Notes:
|
|
Specifies the remote Check Point computer, with which this local Check Point computer has established SIC trust.
|
Notes:
$FWDIR/log/
directory on the specified Check Point computer. Meaning, it deletes the specified log files on the specified Check Point computer after it copies them successfully.$FWDIR/log/
directory on the local Check Point computer, on which you run this command.$FWDIR/log/fw.log
or $FWDIR/log/fw.adtlog
.To fetch these active log files:
fw logswitch [-audit] [-h <
IP Address or Hostname>]
fw fetchlogs -f <Log File Name> <
IP Address or Hostname>
MyGW__2018-06-01_000000.log
).Example from a Management Server
[Expert@HostName:0]# fw lslogs MyGW Size Log file name 23KB 2018-05-16_000000.log 9KB 2018-05-17_000000.log 11KB 2018-05-18_000000.log 5796KB 2018-06-01_000000.log 4610KB fw.log [Expert@HostName:0]#
[Expert@HostName:0]# fw fetchlogs -f 2018-06-01_000000 MyGW File fetching in process. It may take some time... File MyGW__2018-06-01_000000.log was fetched successfully [Expert@HostName:0]#
[Expert@HostName:0]# ls $FWDIR/log/MyGW* /opt/CPsuite-R80.30/fw1/log/MyGW__2018-06-01_000000.log /opt/CPsuite-R80.30/fw1/log/MyGW__2018-06-01_000000.logaccount_ptr /opt/CPsuite-R80.30/fw1/log/MyGW__2018-06-01_000000.loginitial_ptr /opt/CPsuite-R80.30/fw1/log/MyGW__2018-06-01_000000.logptr [Expert@HostName:0]#
[Expert@HostName:0]# fw lslogs MyGW Size Log file name 23KB 2018-05-16_000000.log 9KB 2018-05-17_000000.log 11KB 2018-05-18_000000.log 4610KB fw.log [Expert@HostName:0]# |