fw lslogs

Description

Shows a list of Security log files ($FWDIR/log/*.log) and Audit log files ($FWDIR/log/*.adtlog) residing on the local computer or a remote computer.

Syntax

fw [-d] lslogs [-f <Name of Log File 1>] [-f <Name of Log File 2>] ... [-f <Name of Log File N>] [-e] [-r] [-s {name | size | stime | etime}] [<Target>]

Parameters

Parameter

Description

-d

Runs the command in debug mode.

Use only if you troubleshoot the command itself.

Best Practice - If you use this parameter, then redirect the output to a file, or use the script command to save the entire CLI session.

-f <Name of Log File>

Specifies the name of the log file to show. Need to specify name only.

Notes:

  • If the log file name is not specified explicitly, the command shows all Security log files ($FWDIR/log/*.log).

  • File names may include * and ? as wildcards (for example, 2019-0?-*). If you enter a wildcard, you must enclose it in double quotes or single quotes.

  • You can specify multiple log files in one command. You must use the "-f" parameter for each log file name pattern:

    -f <Name of Log File 1> -f <Name of Log File 2> ... -f <Name of Log File N>

-e

Shows an extended file list. It includes the following information for each log file:

  • Size - The total size of the log file and its related pointer files

  • Creation Time - The time the log file was created

  • Closing Time - The time the log file was closed

  • Log File Name - The file name

-r

Reverses the sort order (descending order).

-s {name | size | stime | etime}

Specifies the sort order of the log files using one of the following sort options:

  • name - The file name

  • size - The file size

  • stime - The time the log file was created (this is the default option)

  • etime - The time the log file was closed

<Target>

Specifies the remote Check Point computer, with which this local Check Point computer has established SIC trust.

  • If you run this command on a Security Management Server or Domain Management Server, then <Target> is the applicable object's name or main IP address of the Check Point Computer as configured in SmartConsole.

  • If you run this command on a Security Gateway or Cluster Member, then <Target> is the main IP address of the applicable object as configured in SmartConsole.

Example 1 - Default output

[Expert@HostName:0]# fw lslogs
     Size Log file name
         9KB 2019-06-14_000000.log
        11KB 2019-06-15_000000.log
         9KB 2019-06-16_000000.log
        10KB 2019-06-17_000000.log
         9KB fw.log
[Expert@HostName:0]#

Example 2 - Showing all log files

[Expert@HostName:0]# fw lslogs -f "*"
     Size Log file name
         9KB fw.adtlog
         9KB fw.log
         9KB 2019-05-29_000000.adtlog
         9KB 2019-05-29_000000.log
         9KB 2019-05-20_000000.adtlog
         9KB 2019-05-20_000000.log
[Expert@HostName:0]#

Example 3 - Showing only log files specified by the patterns

[Expert@HostName:0]# fw lslogs -f "2019-06-14*" -f '2019-06-15*'
     Size Log file name
         9KB 2019-06-14_000000.adtlog
         9KB 2019-06-14_000000.log
        11KB 2019-06-15_000000.adtlog
        11KB 2019-06-15_000000.log
[Expert@HostName:0]#

Example 4 - Showing only log files specified by the patterns and their extended information

[Expert@HostName:0]# fw lslogs -f "2019-06-14*" -f '2019-06-15*'
     Size Log file name
         9KB 2019-06-14_000000.adtlog
         9KB 2019-06-14_000000.log
        11KB 2019-06-15_000000.adtlog
        11KB 2019-06-15_000000.log
[Expert@HostName:0]#

Example 5 - Showing only log files specified by the patterns, sorting by name in reverse order

[Expert@HostName:0]# fw lslogs -f "2019-06-14*" -f '2019-06-15*' -e -s name -r
     Size Creation Time Closing Time Log file name
        11KB 14Jun2018 0:00:00 15Jun2018 0:00:00 2019-06-15_000000.log
        11KB 14Jun2018 0:00:00 15Jun2018 0:00:00 2019-06-15_000000.adtlog
         9KB 13Jun2018 18:23:59 14Jun2018 0:00:00 2019-06-14_000000.log
         9KB 13Jun2018 0:00:00 14Jun2018 0:00:00 2019-06-14_000000.adtlog
[Expert@HostName:0]#

Example 6 - Showing only log files specified by the patterns, from a managed Security Gateway with main IP address 192.168.3.53

[Expert@MGMT:0]# fw lslogs -f "2019-06-14*" -f '2019-06-15*' 192.168.3.53
     Size Log file name
        11KB 2019-06-15_000000.adtlog
        11KB 2019-06-15_000000.log
         9KB 2019-06-14_000000.log
         9KB 2019-06-14_000000.adtlog
[Expert@MGMT:0]#