The firewall log session statistics acl command enables statistics on sent and discarded session logs based on ACLs.
The undo firewall log session statistics acl command disables statistics on sent and discarded session logs based on ACLs.
firewall log session statistics acl { acl-number | ipv6 acl-number } [ all-systems ]
undo firewall log session statistics acl [ ipv6 ] acl-number
| Parameter | Description | Value |
|---|---|---|
| ipv6 | Collects statistics on IPv6 session logs based on ACLs. | - |
| acl-number | Specifies an ACL. | The value is an integer ranging from 2000 to 3999. The number of a basic ACL ranges from 2000 to 2999 and that of an advanced ACL ranges from 3000 to 3999. |
| all-systems | Collects statistics on session logs sent and discarded of all systems that ACL traffic crosses virtual systems. | The public system supports the all-systems parameter, while virtual systems do not. |
By default, the function of collecting statistics on sent and discarded session logs based on ACLs is disabled.
Usage ScenarioYou can run this command to accurately collect statistics on sent and discarded session logs of a specific session or several sessions. When session logs of certain sessions are lost, you can determine whether the USG6000E sends or discards session logs of the sessions.
Precautionsacl-number specifies the ACL matched by sessions. The ACL can contain up to 128 rules.
Statistics on session logs in binary and syslog formats can be collected based on ACLs. Configuring ACL-based statistics on sent and discarded session logs affects the device performance. Use this function based on the actual situation.