Check Point Alert of the Week: Firewall log file increase rate critical – possible connectivity loss to log server

This is a real-life sample alert from Indeni.

Description:

Over the period of the last 300 seconds there has been an increase of 1 MB in the size of the log file ($FWDIR/log/fw.log). This is a fairly high number, indicating that it is possible that the firewall cannot reach its log servers or has a slow connection to them.

indeni will re-check this alert every 1 minute. If indeni determines the issue has been resolved, it will automatically be flagged as such.

Manual Remediation Steps:

Check all hardware connections as well as any equipment (such as switches and hubs). If the log traffic is sent over VPN, check the VPN tunnels as well. SK40090 may provide further guidance on this.

How does this alert work?

indeni monitors the size of the fw.log file and alerts if its rate of growth is more than 1 MB per 5 minutes (these thresholds can be changed).
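
The check described above can be sketched as a sliding-window monitor. This is an added example, not indeni's own code: the `LogGrowthMonitor` class and `evaluate` helper are hypothetical names, the binary megabyte is an assumption, and resetting the baseline when the file shrinks (a log switch or purge) goes beyond what the alert text states.

```python
import os
import time
from collections import deque

WINDOW_SECONDS = 300               # "last 300 seconds" in the alert text
THRESHOLD_BYTES = 1024 * 1024      # 1 MB; binary megabyte is an assumption


class LogGrowthMonitor:
    """Sliding-window growth check for a log file (hypothetical helper)."""

    def __init__(self, window=WINDOW_SECONDS, threshold=THRESHOLD_BYTES):
        self.window = window
        self.threshold = threshold
        self.samples = deque()     # (unix_time, size_in_bytes), oldest first

    def add_sample(self, ts, size):
        """Record one size reading; return True if growth is critical."""
        # A smaller size means the log was switched or purged, so older
        # readings are no longer a valid baseline: start a new window.
        if self.samples and size < self.samples[-1][1]:
            self.samples.clear()
        self.samples.append((ts, size))
        # Keep exactly one reading at or before the window start as baseline.
        while len(self.samples) > 1 and self.samples[1][0] <= ts - self.window:
            self.samples.popleft()
        return self.growth() > self.threshold

    def growth(self):
        """Bytes added between the baseline reading and the newest one."""
        if len(self.samples) < 2:
            return 0
        return self.samples[-1][1] - self.samples[0][1]


def evaluate(readings, **kwargs):
    """Run (ts, size) readings through a monitor; one verdict per reading."""
    monitor = LogGrowthMonitor(**kwargs)
    return [monitor.add_sample(ts, size) for ts, size in readings]


if __name__ == "__main__":
    # Poll the real file once a minute, matching the re-check interval.
    path = os.path.join(os.environ.get("FWDIR", "."), "log", "fw.log")
    monitor = LogGrowthMonitor()
    while True:
        if monitor.add_sample(time.time(), os.path.getsize(path)):
            print(f"CRITICAL: {path} grew {monitor.growth()} bytes "
                  f"in the last {WINDOW_SECONDS} s")
        time.sleep(60)
```

Both the window and the threshold are constructor arguments, so they can be changed in the same way the alert's thresholds can.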
