Each session ACL has a "log" parameter that you can enable. You have to delete then recreate the ACL to enable this, however. After you enable it, type "show log security 50" to see if you see any hits.
The best way is probably to type "show acl hits" and see if the counts go up.
To see what traffic is coming to/from a particular ip address, type "show datapath session table <ip address of client or target> to see that.