Showing results for 
Search instead for 
Did you mean: 

ACL log NEXUS 3000



I would like to monitor my ACL entries, and want to separate them.
Currently after adding them to the ACL all the logs are mixed up.
Is it possible e.g. to mark packets for a specific ACL?

6 Replies 6

VIP Guru VIP Guru
VIP Guru
Is it possible e.g. to mark packets for a specific ACL?

if all the ACL marked to Log keyword used, then all will be mixed, i do not believe any specific can be done, instead you can send the Logs to syslog server and make own scripts to standardise them as per the requirement, is this what you intend to do ?



***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen
VIP Master VIP Master
VIP Master



you can obviously filter the output so it shows only the entries for a specifi ACL, e.g.:


show logging ip access-list cache [detail] | acl-101


would only show entries for access list acl-101.


@balaji.bandiI am currently sending logs to ELK (logstash), but I cannot show which packet is from which ACL.
A given log item has: Src. adr, Dest adr, Src port, Dest port, Src Interface and creation time.


@Georg Pauwen show logging ip access-list cache [detail] | ?

after pipe i cannot type acl


show logging ip access-list cache detail | ?
  awk          Mini AWK
  cut          Print selected parts of lines.
  diff         Show difference between current and previous invocation (creates temp files: remove them with 'diff-clean' command and dont use it on commands with big outputs, like
               'show tech'!)
  egrep        Egrep - print lines matching a pattern
  email        Email command output
  grep         Grep - print lines matching a pattern
  head         Display first lines
  human        Output in human format
  json         Output in json format
  json-pretty  Output in json pretty print format
  last         Display last lines
  less         Filter for paging
  no-more      Turn-off pagination for command output
  section      Show lines that include the pattern as well as the subsequent lines that are more indented than matching line
  sed          Stream Editor
  sort         Stream Sorter
  tr           Translate, squeeze, and/or delete characters
  uniq         Discard all but one of successive identical lines
  vsh          The shell that understands cli command
  wc           Count words, lines, characters
  xml          Output in xml format (according to .xsd definitions)
  xmlin        Convert CLI show commands to their XML formats
  xmlout       Output in xml format (according to the latest .xsd version)
  begin        Begin with the line that matches
  count        Count number of lines
  end          End with the line that matches
  exclude      Exclude lines that match
  include      Include lines that match



looks like you can add the keywords directly without the pipe:


show logging ip access-list cache [detail] include acl-101

It cannot work,becouse there are no information about acl:








I was just giving an example. You need to match on something that is actually in the output (source interface, as an example)


show logging ip access-list cache detail include Vlan100


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers