Globally setting all ACLs to log

jeromecandiff
Level 1

We currently receive syslogs (informational) for all connections but have recently deployed an auditing tool that requires that each ACL also be set to log. Is there a way to globally set all ACLs to log?

3 Replies

Hi,

Are you referring to an ASA?

In the ASA you can set the "log" keyword at the end of the statement to generate a log for that line. This must be done on all ACEs in the ACL.

Also, you can set the alert-interval for those logs (access-list alert-interval)

Federico.

Thank you for the reply. The issue that we are having is that we currently manage hundreds of ASAs, each with hundreds of ACEs per ACL. Is there a way to globally set each ACE to log without redoing every single ACL?

I don't think there's a way to globally enable logging for all the ACLs on the ASA itself, because you normally want to do this on specific ACEs.

However if you use Cisco Security Monitor you might be able to inject such a policy to all ASAs simultaneously.

Federico.
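
An added example, not from either poster and not Cisco tooling: because the replies above say the "log" keyword has to be set on every ACE, the per-ACE lines can be generated offline from a saved `show running-config access-list` output. It assumes the ASA option order `[log ...] [time-range NAME] [inactive]` and leaves remarks, non-extended ACLs and ACEs that already carry a `log` option (including `log disable`) untouched; the sample config and all names in it are constructed.

```python
import re

# Extended ACE: access-list NAME [line N] extended {permit|deny} ...
_ACE = re.compile(r"^access-list\s+\S+\s+(?:line\s+\d+\s+)?extended\s+(?:permit|deny)\s")
# Options that must stay after "log" (assumed order: [log ...] [time-range NAME] [inactive]).
_TRAILER = re.compile(r"(?:\s+time-range\s+\S+)?(?:\s+inactive)?\s*$")


def add_log(line):
    """Return (line, changed) with 'log' added to an extended ACE that lacks it."""
    text = line.rstrip()
    head = _ACE.match(text)
    if head is None:
        return text, False  # remark, standard/other ACL type, or not an ACL line
    if "log" in text[head.end():].split():
        return text, False  # keep any existing level/interval or 'log disable'
    cut = _TRAILER.search(text).start()  # insert before time-range/inactive
    return text[:cut] + " log" + text[cut:], True


def rewrite_config(config):
    """Rewrite every non-blank line; return (new_lines, number_of_aces_changed)."""
    results = [add_log(l) for l in config.splitlines() if l.strip()]
    return [t for t, _ in results], sum(1 for _, c in results if c)


# Constructed sample input, not taken from a real device.
SAMPLE = """\
access-list OUTSIDE_IN remark web servers
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq 443
access-list OUTSIDE_IN extended deny ip any any log warnings interval 300
access-list OUTSIDE_IN extended permit udp any any eq 53 time-range WORKHOURS inactive
access-list SPLIT standard permit 10.0.0.0 255.0.0.0
access-list OUTSIDE_IN extended permit icmp any any log disable
"""

if __name__ == "__main__":
    lines, changed = rewrite_config(SAMPLE)
    print("\n".join(lines))
    print(f"! {changed} ACE(s) changed")
```

Diff the output against the saved config and review ACEs left at `log disable` before pushing anything to a device, since those were presumably silenced on purpose.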
