Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
620
Views
0
Helpful
0
Replies

Filtering logging on FPR4100 with ASA software

hcombee
Level 1
Level 1

‎02-16-2022 03:07 AM

We enabled logging on a Firepower 4100 with ASA software but I would like to only log hits on inbound rules. Outbound rules are not interesting in my case because this traffic is logged on other firewalls. This way we receive close to 300GB of logs per day.

 

According to the CLI guide I can add the option "log disable" to the end of the ACE to suppress logging for this rule.

Sadly this option only seems to work for the explicit "deny any any" rule ate the end, the permit tcp rules are still logged on the syslog server as a ASA-6-302013/ASA-6-302014 syslog message.

The CLI guide very clearly states "log disable - Disables all ACE logging".

 

Can anyone explain this to me?

 

ps. I know I can disable 302013/302014 but this way I would also suppress inbound ACL messages.

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card