Log Actions

This table describes some of the log actions in the

Action	Description
Accept	The Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. allowed traffic based on the Access Control Security Policy Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection..
Ask User	The user was prompted to decide if the Security Gateway must block or allow specific traffic, based on Access Control or Custom Threat Prevention Security Policies. Or A DLP incident was captured and put in quarantine. The user was asked to decide what to do.
Bypass	Threat Emulation Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE., Threat Extraction Check Point Software Blade on a Security Gateway that removes malicious content from files. Acronym: TEX. or Anti-Virus Check Point Software Blade on a Security Gateway that uses real-time virus signatures and anomaly-based protections from ThreatCloud to detect and block malware at the Security Gateway before users are affected. Acronym: AV. did not inspect a file.
Decrypt	The Security Gateway decrypted a VPN packet to reveal its content and allow further inspection.
Detect	A Threat Prevention blade detected malicious traffic but did not block it because it worked in the Detect mode.
Drop	The Security Gateway blocked traffic based on the Access Control Security Policy and did not notify the source.
Encrypt	The Security Gateway encrypted a VPN packet to secure its contents and prevent unauthorized access.
Extract	Threat Extraction extracted potentially malicious content from a file before the file entered the network.
HTTPS Bypass	The Security Gateway allowed network traffic to bypass HTTPS Inspection Feature on a Security Gateway that inspects traffic encrypted by the Secure Sockets Layer (SSL) protocol for malware or suspicious patterns. Synonym: SSL Inspection. Acronyms: HTTPSI, HTTPSi..
HTTPS Inspect	The Security Gateway inspected HTTPS traffic.
Inform User	The user was informed what the organization's policy was, based on the Access Control or Custom Threat Prevention Security Policies. Or DLP transmission was detected and allowed, and the user was notified.
Inline	Traffic was sent for emulation before it was allowed to enter the internal network.
Inspect	Threat Emulation or Anti-Virus inspected a fie.
IP Changed	An association between a specific IP address and a user changed, because the IP address on the associated host changed (DHCP).
Key Install	The Security Gateway created encryption keys for VPN.
Open Shell	An administrator opened a command shell to a Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. server.
Packet Tagging	The Security Gateway shared a packet tagging key with an Identity Agent.
Prevent	The Security Gateway blocked traffic based on the DLP or Threat Prevention policy.
Run Script	An administrator executed a script on a Gaia server from SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on..
Update	The Security Gateway downloaded and installed the latest version or Hotfix Software package installed on top of the current software version to fix a wrong or undesired behavior, and to add a new behavior..
VPN Routing	The Security Gateway directed the VPN traffic through the appropriate specific VPN tunnel or Security Gateway.