https://community.extremenetworks.com/t5/extremeswitching-exos-switch/log-mirror-acl-s-on-egress/m-p/44553#M10947 Have created an ACL policy and applied to a vlan on Egress. I know you can log to mirror-cpu on ingress but not egress, but I need away to find out what is causing problems.<BR /> <BR /> My ACL is written in the format of permits and an explict deny at the end.<BR /> <BR /> In order to stop my ACL killing service I have changed the explict deny at the end to a explict permit, and configured a count.<BR /> <BR /> I can see the count racking up, which it shouldn't as I am really only denying on a security beach.<BR /> <BR /> Any ideas?<BR /> <BR /> Perhaps the only method is to run a packet capture and just workout what traffic I've missed, of course logging the deny's on the rule would be a lot easier by far.<BR /> <BR /> Thanks in advance. Fri, 21 Aug 2015 15:03:00 GMT Anonymous 2015-08-21T15:03:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/log-mirror-acl-s-on-egress/m-p/44553#M10947 Have created an ACL policy and applied to a vlan on Egress. I know you can log to mirror-cpu on ingress but not egress, but I need away to find out what is causing problems.<BR /> <BR /> My ACL is written in the format of permits and an explict deny at the end.<BR /> <BR /> In order to stop my ACL killing service I have changed the explict deny at the end to a explict permit, and configured a count.<BR /> <BR /> I can see the count racking up, which it shouldn't as I am really only denying on a security beach.<BR /> <BR /> Any ideas?<BR /> <BR /> Perhaps the only method is to run a packet capture and just workout what traffic I've missed, of course logging the deny's on the rule would be a lot easier by far.<BR /> <BR /> Thanks in advance. Fri, 21 Aug 2015 15:03:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/log-mirror-acl-s-on-egress/m-p/44553#M10947 Anonymous 2015-08-21T15:03:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/log-mirror-acl-s-on-egress/m-p/44554#M10948 Well it seems you can! My issue was that I needed the following command:<BR /> <BR /> configure log filter DefaultFilter add event kern.card.infoinstead of:<BR /> <BR /> configure log filter DefaultFilter add event kern.info<BR /> <BR /> Mon, 24 Aug 2015 17:40:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/log-mirror-acl-s-on-egress/m-p/44554#M10948 Anonymous 2015-08-24T17:40:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/log-mirror-acl-s-on-egress/m-p/44555#M10949 Sounds like you figured this one out over the weekend. Thanks for coming back to update the post.<BR /> Mon, 24 Aug 2015 17:40:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/log-mirror-acl-s-on-egress/m-p/44555#M10949 Drew_C 2015-08-24T17:40:00Z