A client calls me to check firewall logs to verify that his traffic is passing through a CheckPoint firewall. The firewall is CheckPoint NG FP3 running on Solaris. The Management server is down because the Unix team is applying patches to the management server. How do I check the logs on the firewall?
The logs are held in a /log subdirectory beneath your main firewall directory, but I don't think you can just read them. I've only been on the basic FW1 admin course, but the instructor mentioned that there are a ton of command-line utilities that you can use directly on the enforcement module and I'm sure I remember reading the logs being mentioned. A trawl of the manuals might turn up what you need. Alternatively, could you copy the file out and read it using a different management console?
'fw log -f' will log to the screen. You may also want to add '-n' to not resolve names. Ctrl-C to break out of it.
As for the commands you listed, most of them will work on both enforcement module and SmartCenter, with the exception of the 'fwm' commands (the 'm' for management). If you try to run an 'fwm' command on an enforcement module, it will tell you that it's not a management server, and just error out.