cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
947
Views
0
Helpful
0
Replies

Is there a way to modify syslog output to show policy decisions, or view which policy traffic hits in real time?

andrewjinks
Level 1
Level 1

We upgraded from ASAs a while back and when transferring policies and objects over to the new system, many, if not most of the items took a generic name, such as "DM_INLINE_xyz" or "Outside_connection_#xxx", which makes it diffult to know what the policy is by looking at it. We discovered one we would like to audit and break out tighter policies from it since it seems rather broad, but we're trying to figure out how to do that best.  Juniper FWs default syslog messages show the policy that denies or permits the traffic, but Cisco FTDs don't seem as detailed.  We would be able to see what this specific policy is doing in syslogs if it showed policies in use.

 

Is there a way to do this, or, is there a way we could see in real time what traffic is traversing specific policies other than using the packet tracer?

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: