Cisco Cisco IOS Software Release 12.4(9)T Fascicule
© 2008 Cisco Systems, Inc. All rights reserved.
23
ACL Syslog Correlation
Simplifies ACL Monitoring
Simplifies ACL Monitoring
Provides a consistent monitoring solution for IOS Access Control Lists
(ACL), allowing network management tools to easily correlate Access
Control Entry (ACE) rules with their corresponding syslog events
(ACL), allowing network management tools to easily correlate Access
Control Entry (ACE) rules with their corresponding syslog events
Reduces complexity of managing and monitoring ACL rules
Helps network administrators troubleshoot issues with ACE rules and
allows them to monitor ACE rules effectiveness
allows them to monitor ACE rules effectiveness
ip access-list extended access-control
permit ip any host 10.10.10.100 log
red-server
permit ip any host 10.10.10.200 log
blue-server
permit ip any any
Sep 3 16:31:18.958: %SEC-6-IPACCESSLOGDP: list access-control permitted icmp
192.168.1.100 -> 10.10.10.100 (0/0), 11 packets [
red-server
]
Sep 3 16:32:18.953: %SEC-6-IPACCESSLOGDP: list access-control permitted icmp
192.168.1.100 -> 10.10.10.200 (0/0), 3 packets [
blue-server
]
Tags are Appended to Generated Syslog Events
Define TAG to Configured ACE Rules
Cisco IOS
Security