Logging Access-List Hit Counts to SysLog Server

Unanswered Question
Jun 11th, 2010

I have a Cisco PIX Firewall 525 Version 6.3(5) running that we are in the process of decommissioning. I am still getting some hit counts on the following access-list and want to analyze it by sending it to a syslog server.



access-list PeopleSupport line 21 permit ip host 10.71.0.170 172.29.136.0 255.255.255.0
access-list PeopleSupport line 24 permit ip host 10.71.0.170 172.22.195.0 255.255.255.0
access-list PeopleSupport line 31 permit ip host 10.110.9.171 172.16.152.0 255.255.255.0
access-list PeopleSupport line 26 permit ip host 10.71.0.170 172.22.199.0 255.255.255.0


I have enabled logging with following commands:


Logging on
Logging trap informational
Logging facility 6
Logging host inside 10.88.169.58


Now, what do I need to define in the access-lists to send hit counts to syslog?


Will the below configuration work? I have a long list of access-lists but only want to add logging to the above access-list line numbers.


From:

no access-list PeopleSupport line 21 permit ip host 10.71.0.170  172.29.136.0 255.255.255.0
no access-list PeopleSupport line 24 permit ip host 10.71.0.170  172.22.195.0 255.255.255.0
no access-list PeopleSupport line 31 permit ip host 10.110.9.171  172.16.152.0 255.255.255.0
no access-list PeopleSupport line 26 permit ip host 10.71.0.170  172.22.199.0 255.255.255.0


To:


access-list PeopleSupport line 21 permit ip host 10.71.0.170  172.29.136.0 255.255.255.0 log informational
access-list PeopleSupport line 24 permit ip host 10.71.0.170  172.22.195.0 255.255.255.0 log informational
access-list PeopleSupport line 31 permit ip host 10.110.9.171  172.16.152.0 255.255.255.0 log informational
access-list PeopleSupport line 26 permit ip host 10.71.0.170  172.22.199.0 255.255.255.0 log informational
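
An added example, not part of the original post: an ACL entry with the `log` option reports its hits as syslog message 106100, which names the access-list but not the line number, so this Python script maps each logged flow back to the four entries above and sums `hit-cnt` per line. The sample log lines, the `fw` hostname, the interface names and the ports are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# ACL entries from the post: line number -> (source host, destination network)
ACES = {
    21: ("10.71.0.170", "172.29.136.0/24"),
    24: ("10.71.0.170", "172.22.195.0/24"),
    31: ("10.110.9.171", "172.16.152.0/24"),
    26: ("10.71.0.170", "172.22.199.0/24"),
}

# Message 106100 is what an ACL entry carrying the "log" option emits.
MSG_106100 = re.compile(
    r"%PIX-\d-106100: access-list (?P<acl>\S+) "
    r"(?P<action>permitted|denied|est-allowed) (?P<proto>\S+) "
    r"[^/\s]+/(?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"[^/\s]+/(?P<dst>[\d.]+)\((?P<dport>\d+)\) "
    r"hit-cnt (?P<hits>\d+) \((?:first hit|\d+-second interval)\)"
)

# Constructed sample lines (hostname, interface names, ports, timestamps are made up).
SAMPLE_LOG = """\
Jun 11 10:00:01 fw %PIX-6-106100: access-list PeopleSupport permitted tcp inside/10.71.0.170(1045) -> outside/172.29.136.20(1433) hit-cnt 1 (first hit)
Jun 11 10:05:01 fw %PIX-6-106100: access-list PeopleSupport permitted tcp inside/10.71.0.170(1045) -> outside/172.29.136.20(1433) hit-cnt 7 (300-second interval)
Jun 11 10:06:12 fw %PIX-6-106100: access-list PeopleSupport permitted udp inside/10.110.9.171(53211) -> outside/172.16.152.9(161) hit-cnt 1 (first hit)
Jun 11 10:07:40 fw %PIX-6-106100: access-list OtherAcl permitted tcp inside/10.71.0.170(2001) -> outside/172.22.195.4(80) hit-cnt 1 (first hit)
Jun 11 10:08:00 fw %PIX-6-302013: Built outbound TCP connection 99 for outside:172.22.199.5/443 to inside:10.71.0.170/2002
"""

def ace_line(src, dst):
    """Return the ACL line whose source host and destination network match."""
    for line, (host, net) in ACES.items():
        if src == host and ipaddress.ip_address(dst) in ipaddress.ip_network(net):
            return line
    return None

def hits_per_line(log_text, acl="PeopleSupport"):
    """Sum hit-cnt per ACL line and collect the distinct flows seen on each."""
    hits, flows = Counter(), {}
    for m in MSG_106100.finditer(log_text):
        line = ace_line(m["src"], m["dst"])
        if m["acl"] != acl or line is None:
            continue  # other ACLs, or flows outside the four entries of interest
        hits[line] += int(m["hits"])
        flows.setdefault(line, set()).add((m["proto"], m["dst"], int(m["dport"])))
    return hits, flows

if __name__ == "__main__":
    totals, seen = hits_per_line(SAMPLE_LOG)
    for line in ACES:
        print(line, totals[line], sorted(seen.get(line, ())))
```

Lines that report zero hits over the observation window are the candidates for removal before decommissioning; the per-line flow set shows which destinations and ports still depend on the others.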
