Client Logging

Endpoint Security clients upload logs to the Endpoint Security Management Server

On the server, the logs are stored in the common log database, which you can see in the Logs tab of the SmartConsole Logs & Monitor view.

Note - The VPN component uploads SCV logs to the VPN Security Gateway.

Client logs are:

Stored locally at:

C:\Documents and Settings\All Users\Application Data\CheckPoint\Endpoint Security\Logs

Log File	Comments
epslog.1.log epslog.2. log ... ... ... epslog.<number>.log	Plain text log file When the file becomes too large, another is created. Maximum of 10 log files can exist. When epslog.11.log is created, eplog1.log is deleted. Can be viewed with any ASCII viewer, or by using the client viewer, or by manually running: `C:\Program Files\Common Files\Check Point\Logviewer\EPS_LogViewer.exe`
epslog.ini epslog.1.elog epslog.1.elog.hmac	Internal files, compressed and encrypted.

Log File

Comments

epslog.1.log

epslog.2. log

... ... ...

epslog.<number>.log

Plain text log file
When the file becomes too large, another is created.
Maximum of 10 log files can exist. When epslog.11.log is created, eplog1.log is deleted.
Can be viewed with any ASCII viewer, or by using the client viewer, or by manually running:

C:\Program Files\Common Files\Check Point\Logviewer\EPS_LogViewer.exe

epslog.ini

epslog.1.elog

epslog.1.elog.hmac

Internal files, compressed and encrypted.

Uploaded according to the Common Client Policy to the Endpoint Security Management Server and viewable in the Logs tab of the SmartConsole Logs & Monitor view.
Client logs can be used for external audit requirements and internal trouble-shooting.