Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX: Selective ACL Logging

I am looking for a way to specifically filter/limit syslog messages generated from a PIX. Given the following list:

ACL 1) access-list ACL_NAME deny tcp HOST_A HOST_B eq TCP_PORT

ACL 2) access-list ACL_NAME permit tcp any WEBSERVER eq 80

ACL 3) access-list ACL_NAME deny any any

I would like to be able to recieve all logs generated by ACL 2 and ACL 3, but not receive logs generated by ACL 1.

ACL 1 is extremely noisy, and is known to be caused by misconfigured hosts beyond my control.

With IOS ACLs I have the option to selectively log ACLs, but I can find no such option within the PIX command set.

Does anybody have any ideas?

Thank You,

TM

1 REPLY
Cisco Employee

Re: PIX: Selective ACL Logging

Not possible at the moment. v6.3 code due out late March/early April will have this functionality, you'll have to wait till then.

161
Views
0
Helpful
1
Replies
CreatePlease to create content