Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Threshold-based ACL Logging

Posted By:

tsammut

Posted Date:

Apr 07, 2008

Category:

Security

Version:

v20080407

License:

Cisco-Style BSD

Summary:

This EEM policy provides threshold-based ACL logging functionality.

Script Modified Date:

Apr 07, 2008

Cisco IOS Version tested:

12.4T

Cisco Products Tested:

Various

Environment Variables used:

EEM_ACL_COUNTERS_INTERVAL, EEM_ACL_COUNTERS_ACL_NAME, EEM_ACL_COUNTERS_THRESHOLD

Rating Count:

0

Average Rating:

0

File Size:

2.6 KB

Script Info URL:

This EEM policy uses the Timer ED to periodically execute the 'show  access-list' command. It then parses the output from that command and  sends a syslog message if the number of matched packets is over the user  configured threshold for the configured time period.    This is a  workaround to the CPU load created by ACL logging.

284
Views
0
Helpful
0
Comments