Cisco Systems CL-28826-01

16-36

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 16 Managing Firewall Access Rules

Viewing Hit Count Details

•Figure 16-2 shows the default view. The upper table lists the rules as they exist in your access rules

policy, either all rules or just the ones you selected before generating the report. When you select a

rule, the ACEs created on the device for that rule are listed in the expanded table in the lower half

of the window. When you initially open the report, the expanded table shows the ACEs for all

policies listed in the upper table.

Hit counts in the expanded table are for each ACE, whereas the count in the rules table is the sum

of the hit counts for all ACEs created by the rule. Note that the expanded table for ASA/PIX/FWSM

devices, and IOS devices lower than 12.4(20)T, shows hit counts for each element within any policy

objects used in the rule, whereas for IOS 12.4(20)T+ devices, the information is only provided at

the object group level.

•Figure 16-3 shows the same ACEs in CLI format. These are the ACEs as they exist in the device

configuration.

For more information about how to read and interpret hit count reports, see Viewing Hit Count Details,

page 16-33.

Figure 16-2 Expanded Table