Network administrators need to track when traffic matches deny entry in an ACL applied to a port. They want the alert to be sent to a syslog server that is already set up to send logs.
What should administrators do to enable alerts?
Network administrators need to track when traffic matches deny entry in an ACL applied to a port. They want the alert to be sent to a syslog server that is already set up to send logs.
What should administrators do to enable alerts?
To enable alerts when traffic matches a deny entry in an ACL, network administrators should specify the log option for the ACL entry and enable ACL debugging. The log option ensures that any matches to this ACL rule are logged, and enabling ACL debugging allows these logs to be appropriately captured and sent to the configured syslog server.
Correct is A. The option B have as debug destination the session (cli session) not syslog server
D right sent to a syslog server
Correct is B
correct is A
A is the correct one.
Yes B: Sw(config)# logging ipaddresshere Sw(config)# logging facility syslog Sw(config)# debug destination loggin Sw(config)# debug acl
In B there is only the "debug destination session" option. Does it also log to a syslog server? I don't think so...
A. Use the debug command to direct ACL logging output to the current console session and/or to a Syslog server. Note that you must also use the logging <ip-addr> command to specify the addresses of Syslog servers to which you want log messages sent.
It is clearly A because the log option is a requirement and w/o that acl logging doesn't work.
Correct answer is A