Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8277
Views
10
Helpful
4
Replies

Check when hit counter was last cleared

Eric Washington
Level 1
Level 1

‎07-16-2013 08:57 AM - edited ‎03-11-2019 07:12 PM

I'm going some cleanup of our ASA firewall access rules and I want to delete the rules that have 0 hits. But I do not know how to check when the counters were last cleared on these rules. Please help!

Thanks in advance!

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Jouni Forss
VIP Alumni
VIP Alumni

‎07-16-2013 09:12 AM

Hi,

I dont atleast know of any command that would show it.

Usually I dont clear the counters manually so basically in those cases the last reload has been the time when the counters were cleared

And that can naturally be viewed with the command

show version

The output will show the devices uptime.

- Jouni

0 Helpful

mario.jost
Level 3
Level 3

‎05-22-2018 11:32 PM - edited ‎05-22-2018 11:38 PM

If someone issued a clear counters without a specific interface, all interface counters are cleared. So you can check on any interface to see when the counters have been cleared:

 

roSUR01#show interfaces fastEthernet 0
FastEthernet0 is up, line protocol is up 
  Hardware is Fast Ethernet, address is 3c08.f67f.bfa2 (bia 3c08.f67f.bfa2)
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, 
     reliability 255/255, txload 10/255, rxload 3/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:01, output never, output hang never
  Last clearing of "show interface" counters 00:04:17
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 1203000 bits/sec, 371 packets/sec
  5 minute output rate 4261000 bits/sec, 446 packets/sec
     126814 packets input, 44349293 bytes, 0 no buffer
     Received 311 broadcasts (474 multicasts)
     0 runts, 0 giants, 0 throttles 
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     162315 packets output, 210821299 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out

Regards,

Mario

Bogdan Nita
VIP Alumni
VIP Alumni
In response to mario.jost

‎05-23-2018 01:01 AM - edited ‎05-23-2018 01:03 AM

I agree with @Jouni Forss, there isn't a command to check this.

If someone cleared the acl counters manually the only way to verify is checking syslog or accounting if you have it configured.

@mario.jost: it's about acl counters, not interface counters

 

HTH

Bogdan

 

mario.jost
Level 3
Level 3
In response to Bogdan Nita

‎05-28-2018 04:53 AM

 @Bogdan Nita Yeah, totally misread that, sorry.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card