How to redirect log files to another drive (Checkpoint) (Firewall NG)
Posted by on 2014-09-19 14:47:47:
I'm running VPN-1 UTM and this tricked worked fine.
Looking at the registry, there are several keys under
HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\
which look to pertain to whichever version you have installed.
Under the top level key
HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\
is a "CurrentVersion" String.Mine is "6.0" so I navigated to
HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\6.0
and created the "FWLOGDIR" string there, restarted the firewall and my logs appeared in the new location specified under "FWLOGDIR".Below is a note from the old Phoneboy FAQ detailing this tip for earlier versions (and for *nix based Checkpoint firewalls).
FireWall-1 Versions 3.0b-4.0 support modifying (or adding) the following
registry entry (It is of type String):
HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\FWLOGDIR
Specify the full path name to the log directory here.
In 4.1, create the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\4.1\FWLOGDIR
Note: this directory must exist. You will need to restart the FireWall-1
service for this to take effect.
On Unix machines, you can symbolically link the $FWDIR/log directory to
another drive. For example:
fwstop mv $FWDIR/log $FWDIR/log.old ln -s /path/to/new/logdir $FWDIR/log fwstart
Tags: Checkpoint , Firewall , Windows
Return to home page: Home