Cisco Community
English
Register
JOIN thousands of technologists and change-makers at Transform 2020, a one-of-a-kind virtual event! RESERVE YOUR SPOT NOW
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

298
Views
5
Helpful
3
Replies
Highlighted
maced129
Beginner
Beginner
‎01-22-2021 11:16 AM
‎01-22-2021 11:16 AM

ACI Contract Permit/Deny Syslog Logging - Not Working

Hello,

 

We are trying to get our contracts between EPGs to log the deny and permit traffic as seen within the Tenant > $tenant > Operational > Packets > L3 Permits/L3 Denys.

 

According to the obscure documentation it seems that one of the key things that needs to happen to send these logs to syslog is to reassign the default logging facility to "information" and enable the fabric monitoring policy. We see syslog on our syslog server, just not for the contract permits and denys. Changing the default to facility to "information" did not work and we have gone down a rabbit hole of enabling the monitoring policy in every possible place (Fabric/Fabric Access/Tenant/AP/EPG/BD) and still no luck. I don't see the messages popping up in /var/log/external/messages on the leafs either..

 

 

Any ideas?

 

Thanks

Labels:
0 Helpful
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
maced129
Beginner
Beginner
‎01-22-2021 01:56 PM
‎01-22-2021 01:56 PM

Agh....seems to be a bug with our current version of Leafs

 

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv11292

View solution in original post

Reply
3 REPLIES 3
Highlighted
msdaniluk
VIP Engager VIP Engager
VIP Engager
‎01-22-2021 01:11 PM
‎01-22-2021 01:11 PM

Hi @maced129 

If you wish to start the contract logging, you need to enable the log directive under the filter chain:

Screenshot 2021-01-22 230934.png

Double click on the filter entry from contract subject.

 

Stay safe,

Sergiu

0 Helpful
Reply
Highlighted
maced129
Beginner
Beginner
In response to msdaniluk
‎01-22-2021 01:20 PM
‎01-22-2021 01:20 PM

Unfortunately, no luck there - all contracts applied to the EPG have log directive enabled. 

0 Helpful
Reply
Highlighted
maced129
Beginner
Beginner
‎01-22-2021 01:56 PM
‎01-22-2021 01:56 PM

Agh....seems to be a bug with our current version of Leafs

 

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv11292

View solution in original post

Reply
Latest Contents
Cisco Nexus Dashboard: Under the hood with Day 2 Operations ...
Created by ukodali on 02-23-2021 11:53 AM
1
5
1
5
Cisco® Nexus® Dashboard revolutionizes operations in today’s modern data-center environments. Join us to learn about the operational efficiencies realized from the seamless user experience of the dashboard and the powerful capabilities of Cisco Nexus Insi... view more
AVE HTML5 Plugin Error
Created by Shankar K on 02-15-2021 11:12 PM
0
0
0
0
Hi Team,   The HTML5 plug installation is successful. But I get the following error while I click on AVE. The other icons are showing up the results except AVE. Please let me know your SME thoughts on this error.   No VmmDomains Found   Tha... view more
Customer Connection Briefing - Next Generation SAN Fabric He...
Created by Kelsy Tibshraeny on 02-15-2021 02:06 PM
0
0
0
0
This session will help administrators and architects leverage SAN Insights Discovery to help understand the current status of their SAN fabric and help identify areas of opportunity for improvement. The attendees will learn the process, architecture, and ... view more
Customer Connection Briefing - Cisco Nexus Dashboard: Under ...
Created by Kelsy Tibshraeny on 02-15-2021 02:04 PM
0
0
0
0
Join us to learn about the operational efficiencies realized from the seamless user experience of the dashboard and the powerful capabilities of Cisco Nexus Insights (NI), Cisco Network Assurance Engine (NAE), and Cisco Multi-Site Orchestrator (MSO). The ... view more
Intersight Terraform Provider Overview
Created by dsoper on 02-09-2021 11:02 AM
0
0
0
0
Cisco Intersight's Terraform Provider is now available in the Terraform Registry at https://registry.terraform.io/providers/CiscoDevNet/intersight/latest.  The provider has Terraform resource and data source support for the wide range of Inters... view more
Content for Community-Ad