Posted By: | tsammut |
Posted Date: | Apr 07, 2008 |
Category: | Security |
Version: | v20080407 |
License: | Cisco-Style BSD |
Summary: | This EEM policy provides threshold-based ACL logging functionality. |
Script Modified Date: | Apr 07, 2008 |
Cisco IOS Version tested: | 12.4T |
Cisco Products Tested: | Various |
Environment Variables used: | EEM_ACL_COUNTERS_INTERVAL, EEM_ACL_COUNTERS_ACL_NAME, EEM_ACL_COUNTERS_THRESHOLD |
Rating Count: | 0 |
Average Rating: | 0 |
File Size: | 2.6 KB |
Script Info URL: | |
This EEM policy uses the Timer ED to periodically execute the 'show access-list' command. It then parses the output from that command and sends a syslog message if the number of matched packets is over the user configured threshold for the configured time period. This is a workaround to the CPU load created by ACL logging.