Requirements for using ACL logging
The switch configuration must include an ACL assigned to a port, trunk, or static VLAN interface. This ACL must contain an ACE configured with the deny action and the log option.
If the RACL application is used, then IPv4 routing must be enabled on the switch.
- For ACL logging to a Syslog server:
The server must be accessible to the switch and identified in the running configuration.
The logging facility must be enabled for Syslog.
- Debug must be configured to:
support ACL messages
send debug messages to the desired debug destination
These requirements are described in more detail under Enabling ACL logging on the switch.