Thanks I didn't realise how much other stuff I got on Informational, it's a bit unbearable. Never mind, thanks very much

it is better to have log info and not need than need and not have. there are a variety of syslog servers out there that can do log rotation - the logs compress very well. there are also programs that can generate reports off of logs

Actually if you add the line "log 1" at the end of the inbound access list in question you will see all denied/permitted logs and they will be sent as level 1 alerts. Do not forget to configure your syslog server to only log and display Alert level syslog messages or seperate them via level class. This will keep your logging to a minimum.

sample log message generated below.

106100: access-list outside_access_in permitted tcp outside/66.205.217.129(2115) -> inside/67.34.22.79(25) hit-cnt 1 (first hit)