By default, ACL entries that are matched by packets traversing a router interface create incremental counters that can be analysed using the show ip access-lists command, as can be seen in the example below:
Router#show ip access-lists
Extended IP access list test
10 deny tcp any any eq 80 (10 matches)
20 permit ip any any (56 matches)
If you need more detailed information about the traffic that is being matched by the ACL entries, you can configure the log or log-input parameters to the relevant ACL entries.
Router(config)#ip access-list extended test
Router . . .
The content below this message is for members only.