How to control/check CheckPoint rule changes (and other system events)

Posted by user35115 on Server Fault
Published on 2010-02-26T08:19:47Z Indexed on 2010/06/16 7:33 UTC
I need to check/control all system events on many CheckPoint FW1 - don't misunderstand - not rule triggering, but events such as admin logons, rule changes, etc.

I found out that I can make a log export using 2 methods:

  1. Grab logs
  2. Use a special script that redirects CheckPoint log entries to syslog, FW1-Loggrabber

But it's not clear to me whether such logs also contain the information that I need (admin logons, rule changes). And if yes, is it possible to filter events?

I also suppose that if the system is based on a *nix platform, there must be a ploy: use the base functions of the system to do what I want. Unfortunately I don't know where to "dig". Maybe you know?

Updated: New info "FW-1 can pipe its logs to syslog via Unix's logger command, and there are third party log-reading utilities"

So, the main question is how to do my task in the best way. Has anybody already resolved such a problem?

P.S. I'm new to CheckPoint, so all information will be useful to me. Thank you.