Logging Access List Activity
To configure the maximum number of deny flows and to set the interval between deny flow alert
messages (106101), enter the following commands:
To set the maximum number of deny flows permitted per context before the security appliance stops
•
logging, enter the following command:
hostname(config)# access-list deny-flow-max number
The number is between 1 and 4096. 4096 is the default.
To set the amount of time between system messages (number 106101) that identify that the
•
maximum number of deny flows was reached, enter the following command:
hostname(config)# access-list alert-interval secs
The seconds are between 1 and 3600. 300 is the default.
Cisco Security Appliance Command Line Configuration Guide
16-22
Chapter 16
Identifying Traffic with Access Lists
OL-12172-03