×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Stop snmp polling notifications in switch log file

Answered Question
Jan 22nd, 2014
User Badges:

When I perform a show logg on my switch it shows a notification like the one below every 5 minutes:


Jan 21 09:50:52.742: %SEC-6-IPACCESSLOGS: list 10 permitted 10.20.10.254 80 packets

                  

It is filling up my switch log. It is caused by my Cacti server polling the switch every 5 minutes for statistics, but I don't want this filling up my logs.


Is there a way to stop this specific notification from being inserted in my logging buffer?


BTW... it is on all of my switches that I'm polling with Cacti

Correct Answer by Steve Fuller about 3 years 6 months ago

Hi,


Take a look at the access-list 10 and you'll see that it has the keyword log at the end of it. This is what is generating the message. If you remove the log keyword then you should no longer see the messages.


You may of course want to check as to why it was included in the first place. There may be something within your security policy that means you need to log this information.


Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Steve Fuller Wed, 01/22/2014 - 09:46
User Badges:
  • Blue, 1500 points or more
  • Community Spotlight Award,

    Member's Choice, September 2015

Hi,


Take a look at the access-list 10 and you'll see that it has the keyword log at the end of it. This is what is generating the message. If you remove the log keyword then you should no longer see the messages.


You may of course want to check as to why it was included in the first place. There may be something within your security policy that means you need to log this information.


Regards

Collin Clark Wed, 01/22/2014 - 10:53
User Badges:
  • Purple, 4500 points or more

It could also be appended to your SNMP community. For example


snmp-server community MYSNMPCOMMUNITY RO 10


That sets an ACL on SNMP and it will also generate the logging message. You can lower your logging level to the buffer as well.


logging buffer 3

Steve Fuller Wed, 01/22/2014 - 11:00
User Badges:
  • Blue, 1500 points or more
  • Community Spotlight Award,

    Member's Choice, September 2015

Hi Colin,


I agree that ACL 10 is appended to the snmp-server community command, but the %SEC-6-IPACCESSLOGS messages are being generated because ACL 10 has the log keyword e.g., access-list 10 permit 10.20.10.0 0.0.0.255 log. We can keep the ACL on the snmp-server community command and not have to change the logging level simply by removing the log keyword.


Regards

nn7963 Thu, 01/23/2014 - 07:46
User Badges:

Thanks Steve, you're right it was the log statement. I appreciate the help!

Actions

This Discussion