ACL log via SYSLOG only

imranraheel · ‎11-05-2010

I have few ACLs on my Cisco 2801 router, i just want to log all the traffic reaching and by passing that router to my syslog server. Currently logging is disabled on the router please specify which command should i use on my router.

Thanks in Advance

Ganesh Hariharan · ‎11-06-2010

I have few ACLs on my Cisco 2801 router, i just want to log all the traffic reaching and by passing that router to my syslog server. Currently logging is disabled on the router please specify which command should i use on my router.

Thanks in Advance

Hi,

Unfortunately, ACL logging can be CPU intensive and can negatively affect other functions of the network device. There are two primary factors that contribute to the CPU load increase from ACL logging: process switching of packets that match log-enabled access control entries (ACEs) and the generation and transmission of log messages.

Check out the below link for more information on ACl logging ..

http://www.cisco.com/web/about/security/intelligence/acl-logging.html

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Richard Burts · ‎11-06-2010

The original poster asked how to send the log messages generated from an ACL to a syslog server. And the response from Ganesh.H focused on why it might not be a good idea to send the log messages.

While I agree that it is beneficial to warn the original poster about the implications of what they ask about, I believe that we should also provide an answer to the original question. So - if you want to send copies of syslog messages to a syslog server the crucial command is logging

HTH

Rick

HTH

Rick