08-08-2003 12:02 PM - edited 03-09-2019 04:21 AM
I've got my IDS setup and running, but now when it adds anything to the ACL, it adds this:
10.1.1.1 deny any log
with the log in there, it's generating a lot of spam on the console when you are trying to use the router. How do I stop this console logging?
Thanks!
John
08-14-2003 07:53 AM
You will find it listed in this document if it's a known issue,
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids9/15284_02.htm
08-14-2003 10:33 AM
There is a configuration to tell the sensor whether or not to add "log" at the end of each deny line.
In 3.x it is controlled by the EnableACLLogging token in managed.conf. It can be configured through IDM:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids8/13876_01.htm#xtocid50 step 6
If using IDS MC then you will need to reference their documentation.
In 4.x it is controlled by the "enable-acl-logging" configuration line:
sensor-3# configure terminal
sensor-3(config)# service networkaccess
sensor-3(config-NetworkAccess)# general
sensor-3(config-NetworkAccess-gen)# enable-acl-logging false
In 4.x it is not configurable in IDM, if using IDS MC you would need to reference their documenation.
In 3.x set the token to "0" to prevent the sensor from adding "log", and in 4.x set the configuration to "false".
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide