on Sep 8, 2008Hi. Our customer would like to import several different CheckPoint logs to produce special reports for those endusers. I've tried to setup this with LEAREAD but i get some errormessages;
E:\nic\3700\RSA-TT-ES\bin>learead -n lier-everk-fw -f d:\lier-everk-fw-28Aug2008.log
failed to start OPSEC session to read d:\lier-everk-fw-28Aug2008.log
E:\nic\3700\RSA-TT-ES\bin>learead -n -t lier-everk-fw -f d:\lier-everk-fw-28Aug2008.log
Unable to create OPSEC environment
I've tried both with or without a LEAREAD-device for my ip (lier-everk-fw) services restarted (even the appliance) anyone who can point me in the right direction? tx SJ
Its a 1060 and version 3.7
E:\nic\3700\RSA-TT-ES\bin>learead -n lier-everk-fw -f d:\lier-everk-fw-28Aug2008.log
failed to start OPSEC session to read d:\lier-everk-fw-28Aug2008.log
E:\nic\3700\RSA-TT-ES\bin>learead -n -t lier-everk-fw -f d:\lier-everk-fw-28Aug2008.log
Unable to create OPSEC environment
I've tried both with or without a LEAREAD-device for my ip (lier-everk-fw) services restarted (even the appliance) anyone who can point me in the right direction? tx SJ
Its a 1060 and version 3.7
Hi,
If we can get the raw logs into a UNX format extension, then we can use the injector on the Envision server to load them. This would be the syntax :
From the command prompt:
E:\nic\4100\SITE_NAME\bin>injector -file C:\Checkpointlogs.unx -redirect -minutes 3 -quiet -eps 100
NOTE: Your site name will differ.
Keep an eye to verify that the devices has been created in the Envision GUI
Thank you
David