ASA 106101: Number of cached deny-flows for ACL log has reached limit.

borutlape
Level 1

Hi,

we are trying to decrease the number of deny logs logged in our SIEM.

The approach is to disable message 106023 and to log only 106100, by adding "deny ip any any log" at the end of all access lists. This way we are receiving summarized deny logs instead of logs for each denied connection.

 

But after implementing this, every 5 minutes the error message is logged:

%ASA-1-106101: Number of cached deny-flows for ACL log has reached limit

We tried decreasing the interval to 30 seconds, but with no success.

 

Does anybody know if the logs from the flow memory are dropped (and not logged) after the flow memory is reached?

 

Regards,

Borut
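
For the SIEM side of the setup described in the post above, an added example (not part of the original post) that sums the per-interval `hit-cnt` values from 106100 deny summaries and counts 106101 events, so a report can show when the deny-flow cache was at its limit. The sample lines are constructed, following the 106100 format in Cisco's syslog documentation, and the function name `summarize` is hypothetical.

```python
import re
from collections import Counter

# Constructed sample syslog lines (documentation address ranges, made-up host "fw1").
SAMPLE = """\
Jan 10 12:00:05 fw1 %ASA-6-106100: access-list outside_in denied tcp outside/198.51.100.7(40112) -> inside/192.0.2.10(23) hit-cnt 1 first hit [0x0, 0x0]
Jan 10 12:00:35 fw1 %ASA-6-106100: access-list outside_in denied tcp outside/198.51.100.7(40112) -> inside/192.0.2.10(23) hit-cnt 41 30-second interval [0x0, 0x0]
Jan 10 12:00:40 fw1 %ASA-6-106100: access-list outside_in denied udp outside/203.0.113.9(5353) -> inside/192.0.2.20(53) hit-cnt 1 first hit [0x0, 0x0]
Jan 10 12:01:00 fw1 %ASA-1-106101: Number of cached deny-flows for ACL log has reached limit
Jan 10 12:01:05 fw1 %ASA-6-106100: access-list outside_in permitted tcp inside/192.0.2.10(51000) -> outside/198.51.100.80(443) hit-cnt 1 first hit [0x0, 0x0]
"""

# 106100: access-list <acl> <action> <proto> <if>/<src>(<port>) -> <if>/<dst>(<port>) hit-cnt <n> ...
FLOW_RE = re.compile(
    r"%ASA-\d-106100: access-list (?P<acl>\S+) "
    r"(?P<action>permitted|denied|est-allowed) (?P<proto>\S+) "
    r"[^/\s]+/(?P<src>[^(\s]+)\(\d+\) -> "
    r"[^/\s]+/(?P<dst>[^(\s]+)\((?P<dport>\d+)\) hit-cnt (?P<hits>\d+)"
)
# 106101: the deny-flow cache used for ACL logging has reached its limit.
LIMIT_RE = re.compile(r"%ASA-\d-106101: Number of cached deny-flows")


def summarize(lines):
    """Return (denied hit totals per flow, number of 106101 events seen)."""
    denied = Counter()
    limit_events = 0
    for line in lines:
        if LIMIT_RE.search(line):
            limit_events += 1
            continue
        m = FLOW_RE.search(line)
        if not m or m["action"] != "denied":
            continue  # not a 106100 deny summary
        # The source port is left out of the key so retries from new
        # ephemeral ports aggregate into the same row.
        key = (m["acl"], m["proto"], m["src"], m["dst"], int(m["dport"]))
        # hit-cnt is the count for that interval (1 on "first hit"), so sum it.
        denied[key] += int(m["hits"])
    return denied, limit_events


if __name__ == "__main__":
    totals, limit_events = summarize(SAMPLE.splitlines())
    for flow, hits in totals.most_common():
        print(hits, flow)
    print("106101 events in this window:", limit_events)
```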

 
