From January 01, 2023, TOS R21-3 Classic is EOL. Technical support will be available for a limited period to customers with Extended Support agreements.
Getting Log Files for Upload
You can upload log files from your device to an APG job so that you can analyze past traffic, but you must first prepare the log files so that they are in the correct format for analysis. For Check Point devices, you can also do this from the command line.
To prepare log files from firewall devices:
- Collect the log files from the firewall for the desired time frame.
- Remove all logs not related to traffic.
- Remove drop logs (unless you are analyzing dropped traffic).
- Filter for other values, if necessary.
- Identify and extract the relevant fields (source; destination; port; IP-protocol) in the logs.
- Convert the field values to the standard format:
  source destination port IP-protocol
  For example:
  10.0.0.1 192.168.1.2 22 6
  32.1.33.2 192.168.1.2 53 17
- Store the results in a single file.
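The preparation steps above, as an added example that is not part of the original documentation. It assumes a hypothetical key=value log export with the fields type, action, src, dst, service and proto; real device logs use other field names, and the sample lines and output file name are constructed.

```python
import ipaddress
import re

# Constructed sample lines in an assumed key=value export format (not a real device format).
SAMPLE_LOGS = """\
type=traffic action=accept src=10.0.0.1 dst=192.168.1.2 service=22 proto=tcp
type=traffic action=drop src=10.0.0.9 dst=192.168.1.2 service=23 proto=tcp
type=system msg="policy installed"
type=traffic action=accept src=32.1.33.2 dst=192.168.1.2 service=53 proto=17
type=traffic action=accept src=10.0.0.1 dst=192.168.1.2 service=99999 proto=tcp
"""

PROTO_NUMBERS = {"tcp": 6, "udp": 17}  # IANA IP protocol numbers
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def to_apg_line(raw, keep_drops=False):
    """Return 'source destination port IP-protocol', or None if the line is filtered out."""
    f = {k: v.strip('"') for k, v in FIELD_RE.findall(raw)}
    if f.get("type") != "traffic":                      # remove non-traffic logs
        return None
    if f.get("action") == "drop" and not keep_drops:    # remove drop logs
        return None
    try:
        src = ipaddress.ip_address(f["src"])
        dst = ipaddress.ip_address(f["dst"])
        port = int(f["service"])
        proto = f["proto"].lower()
        proto_num = PROTO_NUMBERS[proto] if proto in PROTO_NUMBERS else int(proto)
    except (KeyError, ValueError):                      # missing or malformed field
        return None
    if not (0 <= port <= 65535 and 0 <= proto_num <= 255):
        return None
    return f"{src} {dst} {port} {proto_num}"


def convert(lines, keep_drops=False):
    """Filter and convert raw log lines; returns the lines for the upload file."""
    converted = (to_apg_line(raw, keep_drops) for raw in lines)
    return [line for line in converted if line is not None]


if __name__ == "__main__":
    # Store the results in a single file (file name is a placeholder).
    with open("apg_upload.txt", "w") as out:
        out.write("\n".join(convert(SAMPLE_LOGS.splitlines())) + "\n")
```

Pass keep_drops=True when the job is meant to analyze dropped traffic; lines with missing fields or out-of-range port or protocol values are skipped rather than written to the file.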