Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA 8.0(4). How to stop these syslog messages?

On one of my ASA 5520 pairs (8.0(4)) on one interface I am getting a ton fo the following kind of messages:

access-list ETH_H_MPLS_access_in permitted tcp ETH_H_MPLS/2.2.2.32(2018) -> ETH_Vuhe_vm/1.1.1.103(443) hit-cnt 1 first hit [0x99b23d84, 0x95ea2028]


I only get this for one interface and not for any of the others.  Is there a way to stop these from showing up in ASDM (6.1.5) and in syslog?

Thanks
Joerg

Everyone's tags (3)
3 REPLIES
Cisco Employee

Re: ASA 8.0(4). How to stop these syslog messages?

Hi Joerg,

Check the output of 'show run access-list'. If you see any lines with the 'log' keyword included, these messages will be logged when the ACE is matched. If you don't want to log the hits, you can remove the 'log' keyword from each access-list line.

Hope that helps.

-Mike

New Member

Re: ASA 8.0(4). How to stop these syslog messages?

Mike,

I do want to kepp logging errors etc, just not the hit counts.  Is that possible?

Thanks

Joerg

Cisco Employee

Re: ASA 8.0(4). How to stop these syslog messages?

Hi Joerg,

Yes, if you remove the 'log' keyword from the access-list entries all other logging will continue to work just fine. Only the hit count logs will be turned off. For example, your config could look like this:

logging enable

logging trap error

logging host 10.1.1.1

This will send all error logs to 10.1.1.1, but the access-list hits will no longer be logged.

Hope that helps.

-Mike

846
Views
5
Helpful
3
Replies
CreatePlease to create content