Recommended Logging Options for a Full High Availability Cluster

In a clusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing., log files are not synchronized between the two Cluster Members.

Best Practice - We recommend that you install a dedicated Log ServerClosed Dedicated Check Point server that runs Check Point software to store and process logs. and configure the Cluster Members to forward their logs to that dedicated Log Server.

Step

Instructions

1

Install a dedicated Log Server.

Follow Installing a Dedicated Log Server or SmartEvent Server.

2

Connect with SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. to the Full High Availability Cluster MemberClosed Security Gateway that is part of a cluster. that runs the Primary Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server..

3

From the left navigation panel, click Gateways & Servers.

4

Open the cluster object.

5

From the left navigation tree, click Logs > Additional Logging Configuration.

6

Select Forward log files to Log Server and select the object of the dedicated Log Server.

7

In the Log forwarding schedule field, select or define a Scheduled Event object.

8

Click OK.

9

Publish the SmartConsole session.

10

Install the Access Control Policy on this cluster object.