Log Server Distribution (asg_log_servers)

Description

In SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., you can configure multiple Log Servers for each Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. object.

In this environment, the Security Gateway sends its logs to all of its configured Log Servers.

Each Security GroupClosed A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. Member sends its logs to all Log Servers in the configuration.

To reduce the load on the Log Servers, enable the distribution of different Log Servers to different Security Groups.

When enabled, each Security Group Member sends its logs to one Log ServerClosed Dedicated Check Point server that runs Check Point software to store and process logs. only.

Note - You cannot configure the Security Group Member to send its logs to a specific Log Server. Distribution is automatic.

The Security Group automatically decides which Log Server is assigned to which Security Group Member.

Syntax

Run this command in Gaia gClishClosed The name of the global command line shell in Check Point Gaia operating system for Security Appliances connected to Check Point Quantum Maestro Orchestrators. Commands you run in this shell apply to all Security Appliances in the Security Group. or the Expert mode.

asg_log_servers

Example

[Expert@MyChassis-ch0x-0x:0]# asg_log_servers
 
+-------------------------------------------------+
|             Log Servers Distribution            |
+-------------------------------------------------+
Log Servers Distribution Mode: Disabled
 
Available Log Servers:
* logServer
* Gaia
* LogServer2
 
Logs will be sent to all available servers.
 
Choose one of the following options:
------------------------------------
1) Configure Log Servers Distribution mode
2) Exit
 
 >1
+-------------------------------------------------+
|             Log Servers Distribution            |
+-------------------------------------------------+
 
Log Servers Distribution Mode: Disabled
 
Choose the desired option:
--------------------------
1) Enable Log Servers Distribution mode
2) Disable Log Servers Distribution mode
3) Back

If Log Servers Distribution is already enabled, the command shows which Log Servers are assigned to each Security Group Member:

+-------------------------------------------------+
|             Log Servers Distribution            |
+-------------------------------------------------+
 
Log Servers Distribution Mode: Enabled
 
Available Log Servers:
* LogServer
* Gaia
* LogServer2
 
Log Servers Distribution:
 
+------------------------------------+
| Blade id |        Chassis 1        |
|------------------------------------|
|    1     |  Gaia                   |
|    2     |  LogServer2             |
|    3     |  LogServer              |
|    4     |  Gaia                   |
|    5     |  -                      |
|    6     |  LogServer              |
|    7     |  -                      |
|    8     |  -                      |
|    9     |  LogServer              |
|    10    |  Gaia                   |
|    11    |  LogServer2             |
|    12    |  -                      |
+------------------------------------+
 
("-" - Blade is not in Security Group)
 
Choose one of the following options:
------------------------------------
1) Configure Log Servers Distribution mode
2) Exit