Extended Monitoring

Overview of Extended Monitoring

Spark Firewall Appliances do not have sufficient storage to keep all logs and monitoring data.

You can configure your Spark Firewall Appliance to upload the logs to Check Point cloud (the appliance uploads the logs to the Spark Management service in Check Point Portal).

When you need to review the data, your Spark Firewall Appliance download the applicable logs from Check Point cloud and shows them in WebUI.

Requirements for Extended Monitoring

  1. The Spark Firewall Appliance must run the firmware R81.10.15 or higher.

  2. The Spark Firewall Appliance must be connected to Cloud Services with the option "Use Cloud Capabilities".

    See Connecting to Cloud Services.

Note - If your Spark Firewall Appliance with the firmware R81.10.10 or lower was already connected to Spark Management, then after the firmware upgrade, the Extended Monitoring feature is available on your Spark Firewall Appliance.

Description of the WebUI Page

The Logs and Monitoring view > Monitoring section > Extended Monitoring page shows three tabs with multiple sections:

Viewing Log Records

You can review the logs in two places:

  • In the Spark Management service > Logs & Events view.

    See the Spark Management Administration Guide.

  • On your Spark Firewall Appliance > Logs and Monitoring view > section Monitoring > Extended Monitoring page.

    Each tab has the Search bar at the top:

    • On the left of the Search filed, you can click to select a preset time filter.

    • In the Search field, you can enter a string to filter the results in all sections (for example, enter an IP address).

    • On the right of the Search field, you can click the applicable button - to enable an automatic refresh or to refresh manually.