Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
224
Views
0
Helpful
2
Replies

Information Loss on logging

paulo.prista
Level 1
Level 1

‎07-12-2002 04:33 AM - edited ‎03-08-2019 11:31 PM

Dear friends,

We are using an external router (Cisco 1751) with the IOS Firewall.

As logging facility, we use a central sever which receives log from ACLs, Inspect Lists and IDS module configured in this router.

Frequently we can observe a message with this text above:

"access-list logging rate-limited or missed 6 packets" . Of course, the number of packet changes from message to message.

We have increased rate-limited up to 10000 (maximum allowed) but these messsages continue.

Is it normal?

Is there something we can do to avoid this loss of information?

Regards,

Paulo R.Prista

Labels:
0 Helpful
2 Replies 2

yusuff
Cisco Employee
Cisco Employee

‎07-13-2002 03:28 AM

10000 is the max, remember this threshhold is for messages per second limit, and if you are still getting the "access-list logging rate-limited" then it is not good. You might want to remove 'log' keyword from some of the permit ACL lines and leave it on deny statements only.

HTH

R/Yusuf

0 Helpful

paulo.prista
Level 1
Level 1
In response to yusuff

‎07-15-2002 05:11 AM

This sounds good.

As we are in a test phase we did put a lot of logs.

At the end of this phase unnecessary logs will be removed.

Thanks, Paulo R. Prista

0 Helpful
Customers Also Viewed These Support Documents