It also still shows these as level "warning", %ASA-4-106100, instead of the default %ASA-6-106100
I've tried removing and re-applying the config at different levels but it still reports in the buffer log as level "warning", %ASA-4-106100
This also doesnt affect every 106100 log that is generated. Most messages are generated at the correct level 6 severity but some seem to randomly log at level 4. There doesn't seem to be any pattern to this. The same access-list line can produce severity level 4 and 6 106100 messages.
Came across your post, when looking up my own ACL specific logging wasn't working at all. Found out I was hitting a bug - CSCsz73284. Upgraded any I got many, many 106100 logs at the "error" level.
Not sure if this is still relevant for you, or if you have found your answer yet, but it could be that you've got some particular access-list entry in the config that is getting hit, where the "log warnings" is configured at the end like this:
access-list extended deny
The log level for 106100 can differ depending on the log level of a particular access-list entry, and it cannot be changed globally. e.g.
ASA(config)# logging message 106100 level errors
INFO: Please use the access-list command to change the severity level of this syslog
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...