cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1489
Views
0
Helpful
6
Replies

Change Access List logging globally

cshannahan
Level 1
Level 1

It seems we don't have the "LOG" entry on any of our access lists. Is there a way to globally turn this on so it logs all access lists to the syslog server or do I have to enter this one by one on the ASA command line or ASDM?

6 Replies 6

Abheesh Kumar
VIP Alumni
VIP Alumni

Hi,

Try enable logging message 106100 and see are you getting the ACL hit logs in syslog server

 

HTH
Abheesh

I'm not exactly sure how to do this. I tried logging message 106100 but it didn't work. I don't see any clear instruction how to get permits to log if the default acl logging is being used WITHOUT the log entry at the end. There are articles but nothing pointing me in the right direction yet.


106100 is a level 6 (informational) message, so you would need your global logging also set to level 6 (or 7) for it to start appearing.

No you get an error message when doing this.



INFO: Please use the access-list command to change the severity level of this syslog



I've tried everything I think.


I'm not suggesting to change the severity of the message but rather your GLOBAL setting.

 

Can you share the output of "show run logging"?

My global sending to syslog servers is 6...info.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: