topic Re: Logging Access-List Hit Counts to SysLog Server in Network Security https://community.cisco.com/t5/network-security/logging-access-list-hit-counts-to-syslog-server/m-p/1488837#M663319 <HTML><HEAD></HEAD><BODY><P>Yes, That configuration should log infomrational messages to syslog for those access-list.</P><P></P><P>Here is your document reference :</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/pix/pix63/system/message/pixemint.html#wp1029160">http://www.cisco.com/en/US/docs/security/pix/pix63/system/message/pixemint.html#wp1029160</A></P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/ab.html#wp1067755">http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/ab.html#wp1067755</A></P><P></P><P>Regards,</P></BODY></HTML> Sat, 12 Jun 2010 05:02:49 GMT edadios 2010-06-12T05:02:49Z Logging Access-List Hit Counts to SysLog Server https://community.cisco.com/t5/network-security/logging-access-list-hit-counts-to-syslog-server/m-p/1488836#M663311 <P>I have a Cisco PIX Firewall 525 Version 6.3(5) running that we are in process of decomissioning it.&nbsp; I am still getting some hitcounts on the following access-list and and want to anaylze it by sending it to syslog server.</P><P></P><P></P><P>access-list PeopleSupport line 21 permit ip host 10.71.0.170 172.29.136.0 255.255.255.0<BR />access-list PeopleSupport line 24 permit ip host 10.71.0.170 172.22.195.0 255.255.255.0<BR />access-list PeopleSupport line 31 permit ip host 10.110.9.171 172.16.152.0 255.255.255.0<BR />access-list PeopleSupport line 26 permit ip host 10.71.0.170 172.22.199.0 255.255.255.0</P><P></P><P>I have enabled logging with following commands:</P><P></P><P>Logging on</P><P>Logging trap informational</P><P>Logging facility 6</P><P>Logging host inside 10.88.169.58</P><P></P><P>Now, What do I need to define in access-lists to send hit counts to syslog.</P><P></P><P>Will the below configuration work?&nbsp; I have a long list of access-list but only want to add logging to the above access-list Line Numbers.</P><P></P><P>From:</P><P>no access-list PeopleSupport line 21 permit ip host 10.71.0.170&nbsp; 172.29.136.0 255.255.255.0<BR /> no access-list PeopleSupport line 24 permit ip host 10.71.0.170&nbsp; 172.22.195.0 255.255.255.0<BR /> no access-list PeopleSupport line 31 permit ip host 10.110.9.171&nbsp; 172.16.152.0 255.255.255.0<BR /> no access-list PeopleSupport line 26 permit ip host 10.71.0.170&nbsp; 172.22.199.0 255.255.255.0</P><P></P><P>To:</P><P></P><P>access-list PeopleSupport line 21 permit ip host 10.71.0.170&nbsp; 172.29.136.0 255.255.255.0 log informational<BR /> access-list PeopleSupport line 24 permit ip host 10.71.0.170&nbsp; 172.22.195.0 255.255.255.0 log informational<BR /> access-list PeopleSupport line 31 permit ip host 10.110.9.171&nbsp; 172.16.152.0 255.255.255.0 log informational<BR /> access-list PeopleSupport line 26 permit ip host 10.71.0.170&nbsp; 172.22.199.0 255.255.255.0 log informational</P> Mon, 11 Mar 2019 17:58:33 GMT https://community.cisco.com/t5/network-security/logging-access-list-hit-counts-to-syslog-server/m-p/1488836#M663311 abbas.ali 2019-03-11T17:58:33Z Re: Logging Access-List Hit Counts to SysLog Server https://community.cisco.com/t5/network-security/logging-access-list-hit-counts-to-syslog-server/m-p/1488837#M663319 <HTML><HEAD></HEAD><BODY><P>Yes, That configuration should log infomrational messages to syslog for those access-list.</P><P></P><P>Here is your document reference :</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/pix/pix63/system/message/pixemint.html#wp1029160">http://www.cisco.com/en/US/docs/security/pix/pix63/system/message/pixemint.html#wp1029160</A></P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/ab.html#wp1067755">http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/ab.html#wp1067755</A></P><P></P><P>Regards,</P></BODY></HTML> Sat, 12 Jun 2010 05:02:49 GMT https://community.cisco.com/t5/network-security/logging-access-list-hit-counts-to-syslog-server/m-p/1488837#M663319 edadios 2010-06-12T05:02:49Z