How to redirect log files to another drive (Checkpoint) (Firewall NG)


I'm running VPN-1 UTM and this tricked worked fine.

Looking at the registry, there are several keys under HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\

which look to pertain to whichever version you have installed.

Under the top level key HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\ is a "CurrentVersion" String.

Mine is "6.0" so I navigated to HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\6.0 and created the "FWLOGDIR"

string there, restarted the firewall and my logs appeared in the new location specified under "FWLOGDIR".

Below is a note from the old Phoneboy FAQ detailing this tip for earlier versions.

FireWall-1 Versions 3.0b-4.0 support modifying (or adding) the following
registry entry (It is of type String):
HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\FWLOGDIR
Specify the full path name to the log directory here.
In 4.1, create the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\4.1\FWLOGDIR
Note: this directory must exist. You will need to restart the FireWall-1
service for this to take effect.
On Unix machines, you can symbolically link the $FWDIR/log directory to
another drive. For example:
fwstop
mv $FWDIR/log $FWDIR/log.old
ln -s /path/to/new/logdir $FWDIR/log
fwstart

admin has written 89 articles