Question:
Hi on 5.9 i am getting 'critical configuration files mismatch across cluster members'
referencing /etc/syslog.conf
this is a file that is created by Check Point itself in Gaia.
Here are they two configs from the cluster, what is it spotting ?
[Expert@xxx-gateway-01:0]# cat /etc/syslog.conf
# This file was AUTOMATICALLY GENERATED
# Generated by /bin/syslog_xlate on Thu Aug 11 14:48:34 2016
#
# DO NOT EDIT
#
auth.* /var/log/auth
*.info;local5.emerg;local0.notice;authpriv.emerg;cron.emerg;mail.emerg /var/log/messages
mail.* /var/log/maillog
*.emerg *
cron.* /var/log/cron
local7.* /var/log/boot.log
authpriv.* /var/log/secure
uucp.crit;news.crit /var/log/spooler
[Expert@xxx-gateway-01:0]#
[Expert@xxx-gateway-02:0]# cat /etc/syslog.conf
# This file was AUTOMATICALLY GENERATED
# Generated by /bin/syslog_xlate on Thu Jun 15 10:52:32 2017
#
# DO NOT EDIT
#
auth.* /var/log/auth
*.info;local5.emerg;local0.notice;authpriv.emerg;cron.emerg;mail.emerg /var/log/messages
mail.* /var/log/maillog
*.emerg *
cron.* /var/log/cron
local7.* /var/log/boot.log
authpriv.* /var/log/secure
uucp.crit;news.crit /var/log/spooler
[Expert@xxx-gateway-02:0]#
I looked at the script and ran it. It looks like the md5sum is really different for both files, even though it ignores the “Generated” line. There are probably spaces here that mean nothing but result in a different md5sum. Maybe we should ignore whitespaces in the files?
Answer:
Your analysis seems accurate. We will ask a community member to update the script so that it ignores whitespace.