Requirements for using ACL logging
The switch configuration must include an ACL (1) assigned to a port, trunk, or static VLAN interface and (2) containing an ACE configured with the
deny
orpermit
action and thelog
option.- For ACL logging to a server:
The server must be accessible to the switch and identified in the running configuration.
The logging facility must be enabled for Syslog.
- Debug must be configured to:
support ACL messages
send debug messages to the desired debug destination
These requirements are described in more detail in Enabling ACL logging on the switch.