Use this command to enable a standard or detailed logging access list rule entry.
| entry | (Optional) Specifies a sequence numbered entry to log when a hit occurs. Valid values: 1 - 5000. Default value: all |
| implicit | (Optional) Specifies the logging of a final implicit deny hit. |
| all | (Optional) Specifies that all hits are to be logged, including the final implicit deny. |
If no option is specified, all hits are logged, including the final implicit deny.
Configuration command, standard or extended access list configuration.
ACL logging is throttled to 1 log message per second. If there are multiple ACL rules with logging enabled (log or log-verbose), and more then one frame is transmitted per second that can hit those rules, only the first frame will generate a message. Logging is sampling and does not report every time that a rule with logging enabled is hit.
This example enters configuration mode for standard access list 2 and enables standard logging for a final implicit deny hit:
System(rw-config)->ip access-list standard 2 System(rw-cfg-std-acl)->log implicit System(rw-cfg-std-acl)->
Print
this page
Email this topic
Feedback
View PDF
Download EPUB