I have FWSM and I configure it to send the logs to the manage engine firewall Analyzer to analyze the logs and give the monthly report. The FA is giving me the top hosts and destinations by bytes.
Current config on the FWSM
logging buffered debugging
logging trap informational
logging asdm informational
logging host outside FA_IP_Address
The logging for the acl is not enabled on all of them (only 10%).
My questions is If I need to track the whole traffic by bytes for any access through my FWSM, do I have to enable the logging for all the access-lists or not?
I have more than 1000 lines of access-list, if I enabled the logging on the acl, will it impact the firewall performance?