IPv4 Access Control Lists (ACLs)
Enable ACL “Deny” Logging
Enabling ACL Logging on the Switch
1. If you are using a Syslog server, use the logging < ip-addr > command to
configure the Syslog server IP address(es). Ensure that the switch can
access any Syslog server(s) you specify.
2. Use logging facility syslog to enable the logging for Syslog operation.
3. Use the debug destination command to configure one or more log destina-
tions. (Destination options include logging and session. For more informa-
tion on debug, refer to “Debug and Syslog Messaging Operation” in
appendix C, “Troubleshooting”, in the Management and Configuration
Guide for your switch.)
4. Use debug acl or debug all to configure the debug operation to include ACL
messages.
5. Configure one or more ACLs with the deny action and the log option.
9-98
