Checkpoint   Checkpoint – /var/log full (possible cause)

Yesterday I realized (after checking the backup of one of my gateways was failing) that the /var/log partition was 100% full:

[Expert@vsx1:0]# df -h
Filesystem 			Size 	Used 	Avail 	Use% 	Mounted on
/dev/mapper/vg_splat-lv_current 31G 	21G 	9.0G 	70% 	/
/dev/md0 			289M 	130M 	145M 	48% 	/boot 
tmpfs 				32G 	0 	32G 	0% 	/dev/shm
/dev/mapper/vg_splat-lv_log 	146G 	146G 	0 	100% 	/var/log

Surprinsingly, it used to have … Read more

POWERSHELL   Powershell – Could not create SSL/TLS secure channel

I use Powershell to send monitoring results to the Icinga API (passive checks). For example, to check if the Exchange backups were processed correctly, I run a Exchange powershell and then the results are sent using “Invoke-WebRequest” command.

Since I disabled obsolete and insecure TLSv1 and TLSv1.1 protocols in the Exchange server, the script was not working anymore returning error:… Read more

   Exchange – Bulk import of distribution group members from csv

A short but useful post:

Suppose you need to import hundreds of members to a distribution group.
The list is in a CSV file:


To bulk import all the users, a simple command like this is enough:… Read more

   Nextcloud – Error modifying files or folders: locked error

Yesterday I came across a problem in which I tried to modify (rename, delete, …) a folder and it returned an error.

Nextcloud logs (/var/www/nextcloud/data/nextcloud.log) showed the following:

"reqId":"Pf4KW9q1WDVe1YdmG0Mt","level":3,"time":"2019-09-10T16:36:53+00:00","remoteAddr":"","user":"user1","app":"no app in context","method":"DELETE","url":"\/remote.php\/dav\/files\/user1\/ALBUMS\/New%20folder","message":{"Exception":"OCP\\Lock\\LockedException","Message":"\"files\/8010dab5adf49336ecdaf75a2008d5ab\" is locked","Code":0,"Trace":[{"file":"\/var\/www\/html\/nextcloud\/lib\/private\/Files\/Storage\/Common.php","line":779,"function":"changeLock","class":"OC\\Lock\\DBLockingProvider","type":"->","args":["files\/8010dab5adf49336ecdaf75a2008d5ab",2]},{"file":"\/var\/www\/html\/nextcloud\/lib\/private\/Files\/Storage\/Wrapper\/Wrapper.php","line":615,"function":"changeLock","class":"OC\\Files\\Storage\\Common","type":"->","args":["Nueva carpeta",2,{"__class__":"OC\\Lock\\DBLockingProvider"}


Enter maintenance mode

sudo -u www-data php occ maintenance:mode --on

Then, all entries of the table oc_file_locks … Read more

Home Server icon   Home Server (9) – Upgrade HP Microserver Gen8 CPU

Im using my Microserver Gen8 a lot and, sometimes the poor performance of the CPU is noted (when showing galleries with many images for example). So I decided to replace it by another better one.

CPU model to choose

I chose the cpu model based on this resource

Those are compatible CPU with different performances prices and all of them … Read more

Checkpoint   Checkpoint – Custom application signature ACST

This time I show you the Checkpoint “Application Control Signature Tool”. This tool allows you to create your own Apps and URL filtering signatures.
For example, I’m using it to block Torrent clients based on the User-Agent, but it is very versatile and you can use it in many ways.

Downloading the tool

Visit the following SK103051 and download it. … Read more

Checkpoint   Checkpoint – Useful SNMP OIDs to monitor (VSX)

It is very important to keep your Checkpoint environment monitored. Given that it offers a wide variety of SNMP data, I have collected some of the (in my opinion) most useful OIDs MIBs. Altough I use Icinga and Grafana (as you can see the related outputs in this post), almost any monitoring system can be used to get … Read more

Security   Security – List available cipher suite using nmap

If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).

But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more

Checkpoint   Checkpoint – Unexpected high cpu usage and SecureXL

Last monday I realized that the cpu was very high on one of my Checkpoint VSX nodes.
Looking at my Icinga graphs it seemed it started on friday at 3 o’clock:

Running a top directly on the VSX, I delimited the high to one of the virtual systems that runs on that VSX. In this image the fwk2 threads that … Read more