ASA 8.0(4). How to stop these syslog messages?

Unanswered Question
Oct 25th, 2010
User Badges:

On one of my ASA 5520 pairs (8.0(4)) on one interface I am getting a ton fo the following kind of messages:




access-list ETH_H_MPLS_access_in permitted tcp ETH_H_MPLS/2.2.2.32(2018) -> ETH_Vuhe_vm/1.1.1.103(443) hit-cnt 1 first hit [0x99b23d84, 0x95ea2028]



I only get this for one interface and not for any of the others.  Is there a way to stop these from showing up in ASDM (6.1.5) and in syslog?


Thanks
Joerg

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
mirober2 Mon, 10/25/2010 - 07:14
User Badges:
  • Cisco Employee,

Hi Joerg,


Check the output of 'show run access-list'. If you see any lines with the 'log' keyword included, these messages will be logged when the ACE is matched. If you don't want to log the hits, you can remove the 'log' keyword from each access-list line.


Hope that helps.


-Mike

joerggrau Mon, 10/25/2010 - 07:17
User Badges:

Mike,


I do want to kepp logging errors etc, just not the hit counts.  Is that possible?


Thanks

Joerg

mirober2 Mon, 10/25/2010 - 07:20
User Badges:
  • Cisco Employee,

Hi Joerg,


Yes, if you remove the 'log' keyword from the access-list entries all other logging will continue to work just fine. Only the hit count logs will be turned off. For example, your config could look like this:


logging enable

logging trap error

logging host 10.1.1.1


This will send all error logs to 10.1.1.1, but the access-list hits will no longer be logged.


Hope that helps.


-Mike

Actions

This Discussion

Related Content