Here's something that has been bothering me for a while. When I export the
log to a text file, I am always afraid that I am going to end up losing some
entries between the time that I export it, and the time that I purge it. The
log is normally anywhere from 100,000 to 200,000 entries by the time I do
this.
If FW1 continues logging entries while exporting (exporting normally takes
20-30 minutes), then I assume that if I begin to export the log at 5:00:00,
and an entry into the log is made at 5:10:00pm, in the middle of the export
process, that entry is also exported.
Or, is a "snapshot" of the log taken at the time of the export start, and no
new entries are added to the export?
If new entries *are* logged, then the only ones I am at risk of losing are
the few between the time that the log finishes exporting, and when I purge
the log, which may take 5 seconds or so.
Does anyone know of a good way to do this so that not even one entry is lost
between the export/purge process?
Thanks,
Evan
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
