ACL Log is not sending to syslog server
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-08-2017 10:46 AM - edited 02-21-2020 06:40 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-08-2017 02:13 PM
Hi,
How is logging ocnfigured on this Switch? The other logs you see on the syslog server is from this switch?
-If I helped you somehow, please, rate it as useful.-
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-08-2017 06:44 PM
logging buffered informational
logging console informational
logging monitor informational
logging source-interface Vlan1
logging 172.17.200.11
logging 172.16.1.80
logging 172.16.101.178
logging 172.16.107.21
Yes...the log i see in the syslog is from the same switch.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2018 08:01 AM
I'm having the same problem on a Cisco 2911 router where it's logging the ACL hits but they are not going to the syslog server. Other log messages such as configuration changes, ssh access are going to the syslog server. I've tried "ip access-list logging interval 1", various "logging trap" levels, but nothing works. Thoughts?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-28-2018 04:51 AM
Hi
I have the same problem.
Thank you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-28-2018 06:26 AM - edited 03-28-2018 06:30 AM
Hi
My problem solved. I add ip access-group in both side (in and out).
Please share your logging config if your problem haven't solved yet .
Thank you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-28-2018 04:43 AM
Hi
I have the same problem.
As you ask,other logs go to the syslog server from this switch, but ACL log doesn't go.
Thank you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2018 01:53 PM
Hello everyone, i have the same issue. Were you able to figure out why config messages are being sent but not ACL hits?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2018 08:13 AM
Hi
Because your configuration changes accrued in control plane, but your ACL traffic are in data plane.
You have to apply your ACL on interface/interfaces for out/in traffic.
Good luck.
