Logging and Status Software Blade featuring SmartLog
The Check Point Logging and Status Software Blade transforms data into security intelligence with SmartLog, an advanced log analyzer that delivers split-second search results providing real-time visibility into billions of log records over multiple time periods and domains.
Split-second search results provides visibility into billions of log records
- Simple and intuitive Google-like search experience
- Split-second search results from any log field
- Tuned for large-scale environments
Analyze patterns from multiple log files for proactive security investigation
- Find records over multilple log files, time periods, gateways and domains
- Look for patterns by action, user, time or geography
- Top-level statistical display on search results
Real-time visibility of security activity reduces troubleshooting time
- Real-time security logging of all connections and administrator activity
- Flexible control of the location and size of log storage
- Integrates with third-party security logging solutions via OPSEC LEA API
Integral part of Check Point Security Management
- Centrally track security activity across all Software Blades
- Unified log search and investigation in Multi-Domain environments
- Part of Check Point's unified Security Management Suite
SmartLog Next Generation Log Analyzer
SmartLog is a powerful, easy to use Log Management tool that reads logs generated by Check Point and OPSEC log-generating products, and enables enterprises to centrally track log records across all Software Blades with:
SmartLog is a powerful, easy to use Log Management tool that reads logs generated by Check Point and OPSEC log-generating products, and enables enterprises to centrally track log records across all Software Blades with:
- Split-second search results that provide instant visibility into billions of log records
- Intuitive search experience with real-time search results from any log field.
- Ability to search multiple log files, time periods, gateways, domains, actions, users, time period or geographies for proactive security investigation.
Simple and Intuitive Google-like Search Experience
SmartLog provides simple and intuitive split-second Google-like search and filtering results for instant visibility of security status. Textual search is available on all log records and fields, along with real-time log indexing. SmartLog has a scalable and robust architecture that can search billions of log records. This dramatically reduces the time required to troubleshoot configuration errors.
SmartLog provides simple and intuitive split-second Google-like search and filtering results for instant visibility of security status. Textual search is available on all log records and fields, along with real-time log indexing. SmartLog has a scalable and robust architecture that can search billions of log records. This dramatically reduces the time required to troubleshoot configuration errors.
Real-time Visibility and Troubleshooting
SmartLog provides real-time log tracking of all logged connections and activity where administrators can search for events of interest. Proactive security investigation allows for analysis of communication patterns over multiple log files, time periods, gateways and domains with top-level statistical display. Search results can be drilled down to a single log record and log filters/queries can be saved for future use. The timeline view provides clear understanding and orientation of results. These features dramatically reduce troubleshooting time.
SmartLog provides real-time log tracking of all logged connections and activity where administrators can search for events of interest. Proactive security investigation allows for analysis of communication patterns over multiple log files, time periods, gateways and domains with top-level statistical display. Search results can be drilled down to a single log record and log filters/queries can be saved for future use. The timeline view provides clear understanding and orientation of results. These features dramatically reduce troubleshooting time.
Powerful, Easy to use Queries
SmartLog comes with many predefined queries that are ready to run right out of the box. You can also create your own custom queries and save them for future use.
SmartLog comes with many predefined queries that are ready to run right out of the box. You can also create your own custom queries and save them for future use.
Proactive Security Investigation
Monitor communication patterns over multiple log files, time periods, gateways and domains for proactive security investigation. Search results can be queried to a single log record and can be saved for future use.
Monitor communication patterns over multiple log files, time periods, gateways and domains for proactive security investigation. Search results can be queried to a single log record and can be saved for future use.
Easy to Deploy
SmartLog is part of the SmartConsole suite, available at no extra charge with the Logging and Status R75.40 Software Blade. No additional configuration is necessary - administratros simply enable SmartLog on their management or log server, saving time and reducing costs by leveraging existing security systems.
.
SmartLog is part of the SmartConsole suite, available at no extra charge with the Logging and Status R75.40 Software Blade. No additional configuration is necessary - administratros simply enable SmartLog on their management or log server, saving time and reducing costs by leveraging existing security systems.
Intetegral Component of Check Point Security Management
The Logging and Status Software Blade is an integral component of Check Point Security Management Systems. Check Point's unified security management system enables centralized tracking for all software blades from one console. The Logging and Status Software Blade can be easily activated on existing Check Point Security Gateways and Management Servers saving time and reducing costs by leveraging existing security infrastructure.
The Logging and Status Software Blade is an integral component of Check Point Security Management Systems. Check Point's unified security management system enables centralized tracking for all software blades from one console. The Logging and Status Software Blade can be easily activated on existing Check Point Security Gateways and Management Servers saving time and reducing costs by leveraging existing security infrastructure.
Additional Features
| Feature | Details |
|---|---|
| Log format | As defined in the OPSEC LEA API |
| Packet capture | Available for IPS events |
| Log types | Connection, active, audit and others depending on product |
| Event notification types | Log, alert, SNMP trap, email, and user- defined script |
| Granular log options | Security policy rulebase globally for implied rules and other options |
| Secure log transport | Via the Check Point Secure Internal Infrastructure |
| Automatic log switching | Up to 2 GB (default), configurable |
| Log switch | Manual or automatic at a specific time or size |
| Log file maintenance | Maintain a free percentage of disk space, specify alerts to keep for specified days and run a user defined script |
| Backup log servers | Store locally or send to alternate log servers |
| Predefined and customizable log queries | Predefined by product |
| Customizable log filters | By log field |
| Remote log file management | Switch, view, and retrieve from Tracker |
| Default and user defined tools | Ping, whois and nslookup |
| Internet Protocol versions | IPv6 and IPv4 |
|
|
Smart-1 5 |
Smart-1 25 |
Smart-1 50 |
| Managed Gateways | 5-25 | 25-50 | 50-150 |
| Device Storage | 500GB | 2x1TB | 4x1TB |
| Daily log capacity without SmartLog | 2GB | 12GB | 25GB |
| Daily log capacity with SmartLog | 3.6GB | 21.6GB | 45GB |
| SmartLog retention period* | 1 Month | 1 Month | 1 Month |
* log retention period calculated based on available storage on device and includes both logs and SmartLog index storage
- Products A-Z
- Appliances
- Appliances Overview
- 2200 Appliances
- 4000 Appliances
- 12000 Appliances
- 21000 Appliance
- 61000 Security System
- DDoS Protector Appliances
- SecurityPower
- Secure Web Gateway Appliance
- Threat Prevention Appliance
- Series 80
- UTM-1 Edge
- IP Appliances
- Virtual Systems
- Safe@Office
- Smart-1
- Smart-1 SmartEvent
- Integrated Appliance Solution
- IAS Bladed Hardware
- Software Blades
- Software Blades Overview
- Security Gateway
- Firewall
- IPSec VPN
- IPS
- Mobile Access
- Application Control
- Identity Awareness
- DLP
- Web Security
- URL Filtering
- Anti-Bot
- Antivirus
- Anti-Spam & Email Security
- Advanced Networking & Clustering
- Voice over IP (VoIP)
- Threat Prevention
- ThreatCloud™
- Security Management
- Compliance
- Network Policy Management
- Endpoint Policy Management
- Logging & Status
- SmartWorkflow
- Monitoring
- Management Portal
- User Directory
- SmartProvisioning
- SmartReporter
- SmartEvent
- Multi-Domain Security Management
- Virtualization Security
- Security Gateway Virtual Edition
- Cloud Security
- Virtual Appliance for Amazon Web Services
- Security Systems
- Security Systems Overview
- Endpoint Security
- Endpoint Security
- Full Disk Encryption
- Media Encryption
- Anti-Malware & Program Control
- Remote Access VPN
- Firewall & Compliance
- Check Point WebCheck
- Check Point GO
- Solutions
- Remote Access
- Consumer Products
- ZoneAlarm Antivirus
- ZoneAlarm ForceField
- ZoneAlarm Internet Security Suite