Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MARS and Check Point Firewall Logging


I have added my Check Point CMA object to MARS, but am not getting seeing any log information.  My CLM is a separate server (child enforcement module), which is discovered OK when the intial CMA discovery takes place in MARS.  I have configured the Log Info settings for the CLM entry in MARS with the SIC details for the Check Point MARS and CLM objects.

I've created a simple query to gather outbound ftp data (for which there is lots) and I am seeing nothing when running this query in MARS.  The associated CLM log shows plenty of entries.  I am keen to be able to get some historical logging data via MARS, so any help to resolve this issue would be appreciated.

Many thanks


Cisco Employee

Re: MARS and Check Point Firewall Logging


  CS-MARS<>Check Point integration can be very tricky and is very dependent on the versions of software involved.  You may be able to find out some additional insight into the process by raising the CS-MARS logging level for Check Point and monitoring the output.  This is accomplished from the CS-MARS CLI:

[pnadmin]$ pnlog setlevel cpdebug 

You can then view the messages via the CLI as well:

[pnadmin]$ pnlog show cpdebug

  If this does not shed any light on the communication between CS-MARS and the Check Point devices, it would be best to open a service request with TAC to further troubleshooting can be performed.