07-09-2010 07:28 AM - edited 03-11-2019 11:09 AM
Hey gang:
I'm updating my logging lists and would like to know if there is a list of syslog messages by event class (I found the list by severity level). If not, is there some way to identify the class by looking at the syslog message number?
Thanks.
Solved! Go to Solution.
07-10-2010 01:09 AM
Here is the list of syslog messages by event class for your reference:
http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4768518
Hope that helps.
07-09-2010 07:59 AM
Hello,
Here is a Cisco document on some of the built in logging classes.
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/l2.html
#wp1749568
Hope this helps.
Regards,
NT
07-09-2010 08:32 AM
Unfortunately that doesn't really show us, for example, what class messsage ID# 730010 would fall under. That's what I'm after.
07-09-2010 08:43 AM
Hello,
Unfortunately, there does not seem to be any specific classification of
those individual message types. Typically you configure the message classes
based on your requirement i.e. if you are interested in seeing VPN related
messages, then you use "VPN" class and set appropriate severity. Here is a
document that outlines some additional information about the syslog
messages.
http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/logsevp.ht
ml
Hope this helps.
Regards,
NT
07-09-2010 11:26 AM
Thanks for the replies.
I understand typical usage, but what if you don't know what class an individual message would fall under? I can make a good guess at most, but I'd rather be certain. This is what I cannot find in the Cisco documentation nor in 3rd party published material.
Another example: I want to receieve emails for threat detection messages (733100 - 733105). Because I'm not sure what class these are in (I'd guess IPS) I have to add them individually to my email logging list. It'd be a heck of a lot easier to add the entire class that they belong to.
07-10-2010 01:09 AM
Here is the list of syslog messages by event class for your reference:
http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4768518
Hope that helps.
07-10-2010 03:41 AM
I wish ASAs had some tool to filter syslog messages based on user defined patterns like logging discriminator or ESM in Cisco IOS.
07-10-2010 04:48 AM
01-25-2023 09:09 AM
Not sure if this link has expired, but that is not a listing of messages by class. That is a listing of messages by ID. The message ID's can be correlated to message Class, according to this table:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: