Cisco N7K view ACL log

This example displays how view logs of the mgmt0-access ACL:

# sh ip access-lists

IP access list mgmt0-access
 statistics per-entry
 10 permit tcp addrgroup NOC addrgroup RouterBlock eq 22 [match=2611]
 20 permit udp addrgroup NOC addrgroup RouterBlock eq snmp [match=0]
 40 permit udp addrgroup NOC eq ntp addrgroup RouterBlock [match=0]
 50 permit tcp addrgroup NOC eq tacacs addrgroup RouterBlock [match=2055]

60 permit tcp addrgroup NOC addrgroup RouterBlock eq www [match=0]
 500 permit ip addrgroup NOC addrgroup RouterBlock log [match=818]

To view the log, you need to use the following command :

# sh log ip access-list cache
Src IP Dst IP S-Port D-Port Src Intf Protocol
 Hits
--------------------------------------------------------------------------------
----------------
10.200.0.20 10.200.0.11 40196 161 mgmt0 (6)TCP
 65
10.200.0.20 10.200.0.11 56267 80 mgmt0 (6)TCP
 0

Number of cache entries: 2
--------------------------------------------------------------------------------

Zed-Network

Network Effect

Cisco N7K view ACL log