Cisco Support Community

uniquely identify syslog messages of an ACL

Hello all,

I don't know if the 'network management' forum is the right place to ask my question, so please forgive me if it's not.

I have a Cisco ASA 8.X unit with 40 permissive access rules in its policy. For some reason, I need to PERMIT and LOG all the traffic that does not match those 40 rules. To achieve this, I added rule number 41 (permit IP any any) and configured syslog messages to be sent to my syslog server.

Now, my syslog server is getting syslog messages sent from the ASA indicating matches for all the 41 rules. I didn't find a way to tell the ASA to only send messages for rule number 41 (please tell me if it's possible), so I thought to myself that maybe there is a way which I can use to uniquely identify the messages which have been triggered against rule 41.

Thank you all
