Configure Network Device - Checkpoint Firewall

Procedure

Define syslog server objects in SmartConsole.

1. Connect with the SmartConsole
2. From the left navigation panel, click Gateways and Servers
3. Create the Hostobject that represents the Syslog server host
   1.       In the Object Explorer, click New > Host
   2.       Configure these fields:
   3. Name - Enter a unique name
   4. IPv4 address - Enter the correct IPv4 address of the syslog server
   5. Click OK.
      
4. Create the Syslog Server object that represents the Syslog server:
   4.       In the Object Explorer, click New > Server > More > Syslog
   5. Configure these fields:
   6.           Name - Enter a unique name
   7.           Host - Select an existing host or click New to define a new computer or appliance
   8. Port - Enter the correct port number on the syslog server (default = 514)
   9. Version - Select BSD Protocol 
   10. Click OK
5. Close the Object Explorer.

Connect with SmartConsole to the Management Server.

 Select the configured syslog server objects in the Security Gateway / Cluster object.

1.  Double-click the Security Gateway object
2.  From the left tree, click Logs
3.  In the Send logs and alerts to these log servers table, click the green (+) button to select the Syslog Server object(s) you configured earlier
4.  Click OK
5.  Install policy.

Configure the logging properties of the Security Gateways / each Cluster Member.

 The fwsyslog_enable kernel parameter enables or disables the Syslog in Kernel feature on Security Gateways:

•  Value 0 = Disabled (default)
•  Value 1 = Enabled

You can enable or disable the Syslog in Kernel feature temporarily (until the Security Gateway reboots), or permanently (survives reboot).