Community Member

Logging and the hit counter

ASA 8.0 ASDM 6.1

Just for clarification, if an ACL entry has the logging field set for "informational", both permitted and denied traffic to that destination IP will be logged and/or viewable in the real-time monitor, correct? How about the hit counter for that specific entry? Does the counter reflect how many times a packet met the rule and was permitted, denied, or a combination of both? Below is the ACE in question, but my question is in general.

access-list LGC-IN extended permit tcp any host 162.109.77.21 eq smtp log

access-list LGC-IN extended permit tcp any host 162.109.77.21 eq https log

4 REPLIES

Re: Logging and the hit counter

When you apply logging to an ACL it will log at the Informational level (and visible in ASDM monitor). The hit counter will increase each time a packet hits the rule, but only for what the rule is configured. Typically you don't log permits, it doesn't make much sense since you trust that traffic. You can do it, you just need the specific rule in your ACL.

Hope that helps.

Community Member

Re: Logging and the hit counter

Hi Colin,

The goal of logging the permits was to verify certain traffic was coming through.

Based on the rules I set up:

access-list LGC-IN extended permit tcp any host 162.109.77.21 eq smtp log

access-list LGC-IN extended permit tcp any host 162.109.77.21 eq https log

I should be seeing the permits logged, sound right?

Re: Logging and the hit counter

Yes, you should. Make sure there is not a more permissive permit above these.

Community Member

Re: Logging and the hit counter

Good point. Thanks for your help.
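The check suggested in the last reply (no broader entry above the logged ACEs) can be automated against a saved configuration. The following is an added example, not part of the original thread: it assumes the simplified ACE form shown above (no object-groups, port ranges or source ports), and the first line of the sample, a /24 permit, is a constructed entry used only to show a shadowed rule.

```python
import ipaddress

# Constructed sample: the thread's two ACEs plus a hypothetical broader permit above them.
SAMPLE_ACL = """\
access-list LGC-IN extended permit tcp any 162.109.77.0 255.255.255.0
access-list LGC-IN extended permit tcp any host 162.109.77.21 eq smtp log
access-list LGC-IN extended permit tcp any host 162.109.77.21 eq https log
"""

def _take_addr(tokens):
    """Consume 'any', 'host IP' or 'IP MASK' and return an IPv4Network."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{first}/{tokens.pop(0)}")

def parse_ace(line):
    """Parse one ACE in the simplified form used in this thread."""
    tokens = line.split()
    ace = {"text": line.strip(), "acl": tokens[1], "action": tokens[3], "proto": tokens[4]}
    rest = tokens[5:]
    ace["src"] = _take_addr(rest)
    ace["dst"] = _take_addr(rest)
    ace["port"] = rest[1] if rest[:1] == ["eq"] else None
    ace["log"] = "log" in rest
    return ace

def covers(earlier, later):
    """True if every packet matching `later` would already match `earlier`."""
    return (earlier["acl"] == later["acl"]
            and earlier["proto"] in ("ip", later["proto"])
            and later["src"].subnet_of(earlier["src"])
            and later["dst"].subnet_of(earlier["dst"])
            and earlier["port"] in (None, later["port"]))

def shadowed_logging_aces(config):
    """Return (logged ACE, earlier ACE that wins first-match) pairs."""
    aces = [parse_ace(l) for l in config.splitlines() if l.startswith("access-list ")]
    findings = []
    for i, ace in enumerate(aces):
        hit = next((e for e in aces[:i] if covers(e, ace)), None)
        if ace["log"] and hit:
            findings.append((ace["text"], hit["text"]))
    return findings
```

Calling `shadowed_logging_aces(SAMPLE_ACL)` reports both logged ACEs as covered by the /24 entry. On the device itself, `show access-list LGC-IN` prints a `hitcnt` value per ACE, so a shadowed entry shows up there as a counter that stays at zero.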
