Difference between revisions of "Useful commands and log files"
From Tech-Wiki
(→server_messages.log - Sync Errors / Client issues) |
|||
(11 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
[[Category:Check Point]] | [[Category:Check Point]] | ||
'''[[Check Point#Endpoint|Back to Endpoint]]''' | '''[[Check Point#Endpoint|Back to Endpoint]]''' | ||
+ | Check the Check Point services running: | ||
+ | |||
+ | cpwd_admin list | ||
Stop and Start UEPM services: | Stop and Start UEPM services: | ||
Line 8: | Line 11: | ||
uepm_start | uepm_start | ||
− | UEPM | + | UEPM Logs Directory: |
$UEPMDIR/logs | $UEPMDIR/logs | ||
+ | |||
+ | === server_messages.log - Sync Errors / Client issues === | ||
+ | |||
+ | tail -f $UEPMDIR/logs/server_messages.log | ||
+ | |||
+ | This file is very useful when determining if management/policy servers are able to sync | ||
+ | |||
+ | [2016-10-22 20:52:26,091] INFO Dispatcher-Thread-11 - <span style="color:#FF0000">'''Retrieved file:'''</span> sic://172.16.0.1:18193/cp/file/45/28bf92a2-7673-43de-acca-8c3abf524253 and saved to... | ||
+ | [2016-10-22 20:52:27,084] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/77/44678a8a-a1d4-4b93-9cdf-ed04dc6274f8 and saved.... | ||
+ | [2016-10-22 20:52:27,360] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/10/03f9726e-5221-4fa7-ae1e-47e7d171699d and saved.... | ||
+ | [2016-10-22 20:52:27,643] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/35/11152d3d-0137-4ca0-972c-079badb30116 and saved.... | ||
+ | [2016-10-22 20:52:27,973] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/100/6236a4eb-8119-4126-94cf-8bfab446011b and saved to.... | ||
+ | [2016-10-22 20:52:29,198] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/6/d10dd20c-0c1c-4c9c-a653-2d13b60ae927 and saved to.. | ||
+ | [2016-11-01 17:17:13,196] INFO Dispatcher-Thread-10 - <span style="color:#FF0000">'''Finished synchronizing with EPS server'''</span>. (ConnectionPointStateMachine) | ||
+ | |||
+ | It's also useful to check for GIU client issues (see enable [[Enable Debug Mode in SmartEndpoint|debug mode]]) and also endpoint client connectivity issues. | ||
+ | |||
+ | [2016-11-02 00:16:48,040] <span style="color:#FF0000">'''ERROR'''</span> Dispatcher-Thread-10 - <span style="color:#FF0000">'''A server exception occurred while handling an endpoint request'''</span>. Request size: 3271, scheme... | ||
+ | |||
+ | === apache_access.log – Client Connectivity issues === | ||
+ | |||
+ | tail -f $UEPMDIR/logs/apache_access.log | ||
+ | |||
+ | This is useful when checking if the EPM service is working correctly. | ||
+ | |||
+ | Checking the HTTP status code clients get when accessing the server give a good indication of server health. | ||
+ | |||
+ | '''HTTP 200 – Working''' | ||
+ | |||
+ | -, 172.16.0.1 - - [02/Nov/2016:15:49:18 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" <span style="color:#FF0000">'''200'''</span> 662 0/1110 "-" "-" | ||
+ | -, 172.16.0.2 - - [02/Nov/2016:15:49:18 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" <span style="color:#FF0000">'''200'''</span> 666 0/1057 "-" "-" | ||
+ | -, 172.16.0.1 - - [02/Nov/2016:15:49:18 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" <span style="color:#FF0000">'''200'''</span> 159 0/561 "-" "-" | ||
+ | -, 172.16.0.2 - - [02/Nov/2016:15:49:18 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" <span style="color:#FF0000">'''200'''</span> 159 0/422 "-" "-" | ||
+ | |||
+ | '''HTTP 500 – Not working - Internal Server Error''' | ||
+ | |||
+ | -, 172.16.0.1 - - [02/Nov/2016:15:55:11 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" <span style="color:#FF0000">'''500'''</span> 670 0/1120 "-" "-" | ||
+ | -, 172.16.0.2 - - [02/Nov/2016:15:55:11 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" <span style="color:#FF0000">'''500'''</span> 670 0/1058 "-" "-" | ||
+ | -, 172.16.0.1 - - [02/Nov/2016:15:55:11 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" <span style="color:#FF0000">'''500'''</span> 159 0/606 "-" "-" | ||
+ | -, 172.16.0.2 - - [02/Nov/2016:15:55:11 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" <span style="color:#FF0000">'''500'''</span> 159 0/642 "-" "-" |
Latest revision as of 09:08, 2 November 2016
Back to Endpoint Check the Check Point services running:
cpwd_admin list
Stop and Start UEPM services:
uepm_stop uepm_start
UEPM Logs Directory:
$UEPMDIR/logs
server_messages.log - Sync Errors / Client issues
tail -f $UEPMDIR/logs/server_messages.log
This file is very useful when determining if management/policy servers are able to sync
[2016-10-22 20:52:26,091] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/45/28bf92a2-7673-43de-acca-8c3abf524253 and saved to... [2016-10-22 20:52:27,084] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/77/44678a8a-a1d4-4b93-9cdf-ed04dc6274f8 and saved.... [2016-10-22 20:52:27,360] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/10/03f9726e-5221-4fa7-ae1e-47e7d171699d and saved.... [2016-10-22 20:52:27,643] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/35/11152d3d-0137-4ca0-972c-079badb30116 and saved.... [2016-10-22 20:52:27,973] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/100/6236a4eb-8119-4126-94cf-8bfab446011b and saved to.... [2016-10-22 20:52:29,198] INFO Dispatcher-Thread-11 - Retrieved file: sic://172.16.0.1:18193/cp/file/6/d10dd20c-0c1c-4c9c-a653-2d13b60ae927 and saved to.. [2016-11-01 17:17:13,196] INFO Dispatcher-Thread-10 - Finished synchronizing with EPS server. (ConnectionPointStateMachine)
It's also useful to check for GIU client issues (see enable debug mode) and also endpoint client connectivity issues.
[2016-11-02 00:16:48,040] ERROR Dispatcher-Thread-10 - A server exception occurred while handling an endpoint request. Request size: 3271, scheme...
apache_access.log – Client Connectivity issues
tail -f $UEPMDIR/logs/apache_access.log
This is useful when checking if the EPM service is working correctly.
Checking the HTTP status code clients get when accessing the server give a good indication of server health.
HTTP 200 – Working -, 172.16.0.1 - - [02/Nov/2016:15:49:18 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" 200 662 0/1110 "-" "-" -, 172.16.0.2 - - [02/Nov/2016:15:49:18 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" 200 666 0/1057 "-" "-" -, 172.16.0.1 - - [02/Nov/2016:15:49:18 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" 200 159 0/561 "-" "-" -, 172.16.0.2 - - [02/Nov/2016:15:49:18 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" 200 159 0/422 "-" "-"
HTTP 500 – Not working - Internal Server Error -, 172.16.0.1 - - [02/Nov/2016:15:55:11 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" 500 670 0/1120 "-" "-" -, 172.16.0.2 - - [02/Nov/2016:15:55:11 +0000] "POST /cp/connectionPoint/hb HTTP/1.1" 500 670 0/1058 "-" "-" -, 172.16.0.1 - - [02/Nov/2016:15:55:11 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" 500 159 0/606 "-" "-" -, 172.16.0.2 - - [02/Nov/2016:15:55:11 +0000] "GET /cp/connectionPoint/syncreq HTTP/1.1" 500 159 0/642 "-" "-"