log-verbose

Use this command to generate a detailed Syslog on rule hits.

Syntax

log-verbose [entry | implicit | all]
no log-verbose [entry | implicit | all]

Parameters

entry (Optional) Specifies a sequence numbered entry to log when a hit occurs. Valid values: 1 - 5000. Default value: all
implicit (Optional) Specifies the logging of a final implicit deny hit.
all (Optional) Specifies that all hits are to be logged, including the final implicit deny.

Defaults

If no option is specified, all hits are logged, including the final implicit deny.

Mode

Configuration command, L2 ACL configuration mode.

Usage

ACL logging is throttled to 1 log message per second. If there are multiple ACL rules with logging enabled (log or log-verbose), and more then one frame is transmitted per second that can hit those rules, only the first frame will generate a message. Logging is sampling and does not report every time that a rule with logging enabled is hit.

The “no” version of this command removes the last (if duplicate entries exist) or the specified (if no duplicate entries exist) verbose log entry.

Example

This example enters configuration mode for L2 ACL list 2 and enables a detailed logging level for a final implicit deny hit:

System(rw-config)->l2 access-list list2
System(rw-cfg-l2-acl)->log-verbose implicit
System(rw-cfg-l2-acl)->