Introduction to Logging and Monitoring

From R80, logging, eventClosed Record of a security or network incident that is based on one or more logs, and on a customizable set of rules that are defined in the Event Policy. management, reporting, and monitoring are more tightly integrated than ever before. Security data and trends easy to understand at a glance, with Widgets and chart templates that optimize visual display. Logs are now tightly integrated with the policy rules. To access logs associated with a specific ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session., click that rule. Free-text search lets you enter specific search terms to retrieve results from millions of logs in seconds.

One-click exploration makes it easy to move from high-level overview to specific event details such as type of attack, timeline, application type and source. After you investigate an event, it is easy to act on it. Depends on the severity of the event, you can ignore it, act on it later, block it immediately, or toggle over to the rules associated with the event to refine your policy. Send reports to your manager or auditors that show only the content that is related to each stakeholder.

In this release, SmartReporter and SmartEvent functionality is integrated into SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on..

With rich and customizable views and reports, R80 introduced a new experience for log and event monitoring.

The new views are available from two locations: