Enable ACL “Deny” or “Permit” Logging

ACL logging enables the switch to generate a message when IP traffic meets the criteria for a match with an ACE that results in an explicit “deny” or “permit” action. You can use ACL logging to help:
  • Test your network to ensure that your ACL configuration is detecting and denying or permitting the IPv4 traffic you do not want forwarded.

  • Receive notification when the switch detects attempts to forward IPv4 traffic you have designed your ACLs to reject (deny) or allow (permit.)

The switch sends ACL messages to and optionally to the current console, Telnet, or SSH session. You can use logging <> to configure up to six server destinations.