You might consider using SYSLOG with the ASA - it offers a ton of messages, some for ACLs. Here are two examples:
%PIX|ASA-2-106018: ICMP packet type ICMP_type denied by outbound list acl_ID src inside_address dest outside_address
The outgoing ICMP packet with the specified ICMP from local host (inside_address) to the foreign host (outside_address) was denied by the outbound ACL list.
Connection denied by outbound list acl_ID src inside_address dest outside_address
This is a connection-related message. This message is displayed if the specified connection fails because of an outbound deny command. The protocol
variable can be ICMP, TCP, or UDP.
A firewall monitor is what you are really needing. The problem with monitoring firewall rules is that there are so many of them. As an example; if you have a rule with 2 sources, 2 destinations and 2 ports the firewall actually creates 8 rules for that even though you only created one.
One of the other very nice features about a firewall monitor is it can tell you about unused items in any rule or unused rules. Check out FireMon and it's competitors.