ExtremeSwitching (EXOS)

Expand all | Collapse all

ACL Log

  • 1.  ACL Log

    Posted 05-08-2018 05:20
    Hi,
    I've configured an ACL on our Extreme Summit 670 core switch for log connection inside our network.
    This is the ACL config:
    create access-list Log-connection " source-address 172.26.8.0/21 ; destination-address 172.26.8.0/21 ;" " permit ; log ; mirror-cpu ;" application "Cli"[/code]Applied to all VLAN and all port:

    configure access-list add Log-connection last priority 0 zone SYSTEM any ingress[/code]I've redirect all log to my NMS syslogd but I have fear about the switch harddrive.
    Someone know where this log is stored on the switch?
    Thanks,

    Paolo Trivisonno


  • 2.  RE: ACL Log

    Posted 05-09-2018 04:06
    Hello Paolo,

    You have to enable log events additionally, please check the article for more details - https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-Capture-received-packets-using-an-A...

    Best Regards,
    Nikolay


  • 3.  RE: ACL Log

    Posted 05-09-2018 05:28
    Yes, I've configured the ACL after read this post.. the ACL log works.. I saw log on the switch and on my syslog.
    The question is another.. where is stored the log on the switch?
    We have many traffic 172.26.8.0/21 -> 172.26.8.0/21 logged..
    I'm afraid with this ACL the log can fill all drive/memory..
    How I can check the log size? Where is stored?
    Thanks

    King Regards
    Paolo Trivisonno



  • 4.  RE: ACL Log

    Posted 05-09-2018 05:36
    In your case log events are stored at the memory-buffer, default buffer size is 1000 messages then the old one will be overwritten.

    X70G2.1 # sh log configuration Debug-Mode: Enabled Log Target : memory-buffer Enabled : yes Filter Name : DefaultFilter Match regex : Any Severity : Debug-Data (through Critical) Format : MM/DD/YYYY HH:MM:SS.hh