is there a way to globally log all ACL to syslog instead of having the word "log" at the end of each rule? On the ASA platform.
It's for testing purpose.
What do you want to achieve? Do you want to see all that is allowed through the firewall? Then the connection-log can be used instead of the ACL-log.
The ASA is a stateful firewall and you don't act on packets, you act on connections when something is allowed. That can easily be done with connection-logging.
So I guess "connection logging" means logging Built outbound/inbound message like those?
%ASA-6-302013: Built outbound TCP connection 17316 for OUTSIDE:10.X.X.X/443 (10.X.X.X/443) to INSIDE:10.X.X.X/54129 (10.X.X.X/54129)
%ASA-6-302015: Built outbound UDP connection 17349 for OUTSIDE:10.X.X.X/53 (10.X.X.X/53) to INSIDE:10.X.X.X/55242 (10.X.X.X/55242)
%ASA-6-302020: Built outbound ICMP connection for faddr 10.X.X.X/0 gaddr 10.X.X.X/1 laddr 10.X.X.X/1
These are the syslog IDs in case if you are interested and yes these are connection logging.
%ASA-6-302013 - Built outbound/inbound TCP connection
%ASA-6-302014 - Teardown TCP connection
%ASA-6-302015: Built outbound/inbound UDP connection
%ASA-6-302016: Teardown UDP connection
%ASA-6-302020: Built outbound/inbound ICMP connection
%ASA-6-302021: Teardown ICMP connection