Globally setting all ACLs to log

Unanswered Question
May 24th, 2010

We currently receive syslogs (informational) for all connections but have recently deployed an auditing tool that requires that each ACL also be set to log. Is there a way to globally set all ACLs to log?

Federico Coto F... Mon, 05/24/2010 - 10:22

Hi,


Are you referring to an ASA?

In the ASA you can set the "log" keyword at the end of the statement to generate a log for that line. This must be done on all ACEs in the ACL.

Also, you can set the alert-interval for those logs (access-list alert-interval).


Federico.

jeromecandiff Mon, 05/24/2010 - 10:25

Thank you for the reply. The issue that we are having is that we currently manage hundreds of ASAs, each with hundreds of ACEs per ACL. Is there a way to globally set each ACE to log without redoing every single ACL?

Federico Coto F... Mon, 05/24/2010 - 10:30

I don't think there's a way to globally enable logging for all the ACLs on the ASA itself, because you normally want to do this on specific ACEs.


However if you use Cisco Security Monitor you might be able to inject such a policy to all ASAs simultaneously.


Federico.
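
An added example, not part of the thread and not Cisco tooling: since the `log` keyword has to be set per ACE, one way to prepare the change offline is to read each device's saved `show running-config access-list` output and generate the extended ACEs that still lack `log`. The sample config is constructed, the function names are hypothetical, and the script assumes that re-entering an existing ACE with `log` added updates that ACE in place, which should be confirmed on a test device first.

```python
import re

# Constructed sample of "show running-config access-list" output (not from the thread).
SAMPLE_CONFIG = """\
access-list outside_in remark web servers
access-list outside_in extended permit tcp any host 192.0.2.10 eq www
access-list outside_in extended permit tcp any host 192.0.2.11 eq https log
access-list outside_in extended deny ip any any log disable
access-list inside_out extended permit udp any any eq domain time-range WORKHOURS inactive
access-list split_tunnel standard permit 10.1.0.0 255.255.0.0
"""

# Only extended ACEs are rewritten; remarks and standard ACLs are left alone.
ACE_RE = re.compile(r"^access-list\s+\S+\s+extended\s+(permit|deny)\s")

def add_log_keyword(ace):
    """Return the ACE with 'log' added, or None if the line needs no change."""
    line = ace.strip()
    if not ACE_RE.match(line):
        return None
    tokens = line.split()
    if "log" in tokens[4:]:
        # Already has a log option (including 'log disable'); leave it for manual review.
        return None
    # 'log' must come before the optional trailing 'time-range <name>' and 'inactive'.
    tail = []
    if tokens[-1] == "inactive":
        tail.insert(0, tokens.pop())
    if len(tokens) >= 2 and tokens[-2] == "time-range":
        tail = tokens[-2:] + tail
        tokens = tokens[:-2]
    return " ".join(tokens + ["log"] + tail)

def build_change_script(running_config):
    """Collect the rewritten ACEs for one device, in their original order."""
    changes = []
    for line in running_config.splitlines():
        updated = add_log_keyword(line)
        if updated:
            changes.append(updated)
    return changes

if __name__ == "__main__":
    for command in build_change_script(SAMPLE_CONFIG):
        print(command)
```

ACEs that already carry `log disable` are skipped on purpose, so a deliberate decision not to log a rule is not silently overturned.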
