Cisco Support Community

show the log in an ACL

I have an ACL which is working fine.

150 deny ip any host 204.73.44.250

160 deny ip any host 204.73.44.226 (32 matches)

170 permit udp any 0.0.0.0 255.255.255.0 eq snmp

180 deny udp any any eq snmp (22 matches)

190 deny tcp any any eq 2967 log (7173566 matches)

200 deny tcp any any eq 6667 log

210 deny ip any host 66.176.202.133 log

220 deny ip any host 211.100.30.34 log

230 deny ip any host 211.100.19.116 log

240 permit ip any any (255731 matches)

Now what level do I set the logging trap at to get these transferred to my syslog server?

BTW, other items are being transferred, except the hits on the ACLs.

TIA, Stephen

Accepted Solutions
Re: show the log in an ACL

Stephen

The log output from an access list is severity level 6.

HTH

Rick

Re: show the log in an ACL

You won't get all the hits individually. You will get a sum of hits within a process interval.

In other words, if you are accessing port 6667 for 2 minutes, it will accumulate that amount of hits and when the process is finished, it will transfer that information over to the syslog server with the total count.

Please see:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/fcfprt3/fcf013.htm#wp1001168
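
An added example (not code from the thread) tying the two replies together: it reads the severity out of each IOS message tag to decide what a given `logging trap` level would forward, then sums the packet counts carried in the ACL log messages. The sample lines, ACL number 110, addresses and the `notifications` starting level are constructed assumptions.

```python
import re
from collections import Counter

# Severity keywords accepted by "logging trap", mapped to their numbers.
TRAP_LEVELS = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
               "warnings": 4, "notifications": 5, "informational": 6, "debugging": 7}

# IOS message tag: %FACILITY-SEVERITY-MNEMONIC: text
IOS_MSG = re.compile(r"%(?P<facility>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnemonic>[A-Z0-9_]+): (?P<text>.*)")
# Body of %SEC-6-IPACCESSLOGP (TCP/UDP match on an ACL entry that has "log").
ACL_HIT = re.compile(
    r"list (?P<acl>\S+) (?P<action>denied|permitted) (?P<proto>tcp|udp) "
    r"(?P<src>[\d.]+)\((?P<sport>\d+)\) -> (?P<dst>[\d.]+)\((?P<dport>\d+)\), "
    r"(?P<count>\d+) packets?")

# Constructed sample lines (documentation addresses, hypothetical ACL 110).
SAMPLE = """\
Mar  1 10:00:01 rtr1 45: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down
Mar  1 10:00:07 rtr1 46: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.0.2.15(1042) -> 198.51.100.7(6667), 1 packet
Mar  1 10:05:07 rtr1 47: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.0.2.15(1042) -> 198.51.100.7(6667), 118 packets
Mar  1 10:05:09 rtr1 48: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.0.2.44(3310) -> 203.0.113.9(2967), 1 packet
""".splitlines()

def forwarded(line, trap):
    """True if a router set to 'logging trap <trap>' would send this message."""
    m = IOS_MSG.search(line)
    return bool(m) and int(m.group("sev")) <= TRAP_LEVELS[trap]

def acl_totals(lines, trap):
    """Sum the per-message packet counts by (ACL, action, proto, dest port)."""
    totals = Counter()
    for line in lines:
        if not forwarded(line, trap):
            continue  # filtered on the router, never reaches the syslog server
        m = IOS_MSG.search(line)
        if m.group("mnemonic") != "IPACCESSLOGP":
            continue
        hit = ACL_HIT.match(m.group("text"))
        if hit:
            key = (hit["acl"], hit["action"], hit["proto"], int(hit["dport"]))
            totals[key] += int(hit["count"])
    return dict(totals)

if __name__ == "__main__":
    for trap in ("notifications", "informational"):
        sent = sum(forwarded(line, trap) for line in SAMPLE)
        print(f"logging trap {trap}: {sent}/{len(SAMPLE)} lines sent;", acl_totals(SAMPLE, trap))
```

With the trap at `notifications` only the severity 3 link message is forwarded, which matches the symptom in the question; at `informational` the ACL hits arrive as per-flow totals.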
