ACL Logging

 
3ParUser
Occasional Contributor

ACL Logging

Hi team,

We are a Cisco shop who have just bought some HPE 5940s which to my understanding run Comware 7.

My question is around ACL logging and I want to know how everyone does it? In the Cisco world we just log our ACL denies to a syslog server, and then grep all the info we need. Comware doesn't seem to have this functionality.

In the example below, from one of our Cisco switches, we can easily see what IP address is blocked, the port and what ACL blocked the traffic. Please tell me Comware can do this? And if not, how do you troubleshoot ACL issues? Thanks in advance.

system-172.xxx.xxx.xxx.log:Jun  5 10:20:30 172.xxx.xxx.xxx 3572603: Jun  5 10:20:29: %SEC-6-IPACCESSLOGP: list inXXX-ACL denied udp 172.xxx.xxx.xxx(138) -> 172.xxx.xxx.xxx(138), 1 packet
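
The syslog workflow described in the post above, as an added example that is not part of the original thread: a small parser that pulls the ACL name, action, protocol, addresses and ports out of `%SEC-6-IPACCESSLOGP` lines and totals denied packets per flow. The sample lines, documentation-range addresses and ACL names are constructed for illustration.

```python
import re
from collections import Counter

# Message body format taken from the Cisco log line quoted in the post.
LOGP = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\S+) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

# Constructed sample input (hypothetical ACL names, RFC 5737 addresses).
SAMPLE = """\
Jun  5 10:20:30 192.0.2.1 3572603: Jun  5 10:20:29: %SEC-6-IPACCESSLOGP: list inUSERS-ACL denied udp 198.51.100.7(138) -> 203.0.113.9(138), 1 packet
Jun  5 10:21:02 192.0.2.1 3572604: Jun  5 10:21:01: %SEC-6-IPACCESSLOGP: list inUSERS-ACL denied tcp 198.51.100.7(51514) -> 203.0.113.20(445), 3 packets
Jun  5 10:21:40 192.0.2.1 3572605: Jun  5 10:21:39: %SEC-6-IPACCESSLOGP: list inSRV-ACL permitted tcp 198.51.100.8(40000) -> 203.0.113.20(443), 2 packets
Jun  5 10:26:02 192.0.2.1 3572606: Jun  5 10:26:01: %SEC-6-IPACCESSLOGP: list inUSERS-ACL denied tcp 198.51.100.7(51514) -> 203.0.113.20(445), 5 packets
Jun  5 10:27:00 192.0.2.1 3572607: Jun  5 10:26:59: %SYS-5-CONFIG_I: Configured from console by admin on vty0
"""


def parse_line(line):
    """Return a dict of fields for an IPACCESSLOGP line, or None for anything else."""
    m = LOGP.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "count"):
        rec[key] = int(rec[key])
    return rec


def denied_summary(text):
    """Total denied packets per (ACL, protocol, source, destination, dest port)."""
    totals = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec and rec["action"] == "denied":
            key = (rec["acl"], rec["proto"], rec["src"], rec["dst"], rec["dport"])
            totals[key] += rec["count"]
    return totals


if __name__ == "__main__":
    for flow, packets in denied_summary(SAMPLE).most_common():
        print(packets, *flow)
```

The source port is left out of the grouping key so that repeated attempts from ephemeral ports collapse into one row per blocked flow.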

Vince-Whirlwind
Honored Contributor

Re: ACL Logging

Add the "counting" or "logging" keyword to the access rule line (straight after the deny, I think) and see if it accepts it.

KennyP
Occasional Contributor

Re: ACL Logging

Just made a post about this also!!!! Having the same issue in trying to troubleshoot an ACL. Have you found out the command to view it or see in the log??