Introduction to Logging and Monitoring
From R80, logging, event management, reporting, and monitoring are more tightly integrated than ever before. Security data and trends are easy to understand at a glance, with Widgets and chart templates that optimize visual display. Logs are now tightly integrated with the policy rules. To access logs associated with a specific rule, click that rule. Free-text search lets you enter specific search terms to retrieve results from millions of logs in seconds.
One-click exploration makes it easy to move from high-level overview to specific event details such as type of attack, timeline, application type and source. After you investigate an event, it is easy to act on it. Depending on the severity of the event, you can ignore it, act on it later, block it immediately, or toggle over to the rules associated with the event to refine your policy. Send reports to your manager or auditors that show only the content that is related to each stakeholder.
In this release, SmartReporter and SmartEvent functionality is integrated into SmartConsole.
With rich and customizable views and reports, R80 introduced a new experience for log and event monitoring.
The new views are available from two locations:
- SmartConsole > Logs & Monitor
- SmartView Web Application. Browse to: https://<Server IP Address>/smartview/
Where Server IP Address is the IP address of the Security Management Server or SmartEvent Server.