For compliance I need to ensure that all deny statements within access lists are logged.
this finds a single entry in the config that begins with deny and ends in log.
What I really need is a regex line that finds any line that contains deny, but does not contain log.
/([deny])\w.* <does not contain> log/g
I can set this to report and would know if any deny statements are not logged, and it will check every statement not just clear after the first.