ACL Log


Hi,
I've configured an ACL on our Extreme Summit 670 core switch for log connection inside our network.
This is the ACL config:
create access-list Log-connection " source-address 172.26.8.0/21 ; destination-address 172.26.8.0/21 ;" " permit ; log ; mirror-cpu ;" application "Cli"[/code]Applied to all VLAN and all port:

configure access-list add Log-connection last priority 0 zone SYSTEM any ingress[/code]I've redirect all log to my NMS syslogd but I have fear about the switch harddrive.
Someone know where this log is stored on the switch?
Thanks,

Paolo Trivisonno

3 replies

Userlevel 4
Hello Paolo,

You have to enable log events additionally, please check the article for more details - https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-Capture-received-packets-using-an-A...

Best Regards,
Nikolay
Yes, I've configured the ACL after read this post.. the ACL log works.. I saw log on the switch and on my syslog.
The question is another.. where is stored the log on the switch?
We have many traffic 172.26.8.0/21 -> 172.26.8.0/21 logged..
I'm afraid with this ACL the log can fill all drive/memory..
How I can check the log size? Where is stored?
Thanks

King Regards
Paolo Trivisonno
Userlevel 4
In your case log events are stored at the memory-buffer, default buffer size is 1000 messages then the old one will be overwritten.

X70G2.1 # sh log configuration Debug-Mode: Enabled Log Target : memory-buffer Enabled : yes Filter Name : DefaultFilter Match regex : Any Severity : Debug-Data (through Critical) Format : MM/DD/YYYY HH:MM:SS.hh Buffer size : 1000 messages Percent Full : 55% Full Alert : None
[/code]
Best Regards,
Nikolay

Reply