Query regarding message class in Syslog

ankurs2008
Level 1

Hi Halijenn / experts

I have a query regarding syslog messages and wanted to send only the commands to syslog which are run by the user in configuration mode. Hence please let me know what exactly is meant by the command "config" if I configure the below in ASA. I have gone through various Cisco docs, however I was not able to find the explanation. Will the "class config" command log all the information regarding the commands which are executed by the user in configuration mode? If yes, will it include the show commands as well?


ASA(config)#logging list MYLIST level informational class config


Jennifer Halim
Cisco Employee

Syslog class 'config' consists of syslog messages that start with the following numbers: 111, 112, 208, 308, as per the following URL:

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4768518

Hope that helps.

Hi halijenn

Will it contain 165 as well, as mentioned below? If not, then in what class will it be contained?

165>%ASA-5-111008: User 'enable_15' executed the 'clear logging buffer' command.

This syslog:

%ASA-5-111008: User 'enable_15' executed the 'clear logging buffer'  command.

falls under syslog messages starting with 111, so yes, the above is also included in "config" class.

Thanks again halijenn!!! However, please let me know why it is not mentioned in the document. Is it a bug? Anyhow, thanks for resolving my query.

Thanks for the rating as always.

Which part is not mentioned in the documentation?

165>%ASA-5-111008: User 'enable_15' executed the 'clear logging buffer' command.

In this, message ID 165 is not associated with any of the classes in "Syslog Message Classes and Associated Message ID Numbers".

I believe 165 is just the sequence number of the syslog message itself, not the class of the actual syslog message. 165 will give you the timestamp of each syslog message.

Hi halijenn

I am still not sure if 165 is not the message ID, as for the same we get the output of the configuration done by us in command mode (as seen in the logs below). Also strange is that the description of 165 is not mentioned in the document. Please correct me if I am wrong. Also, I am not able to understand the timestamp you are talking about.

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4768518

<165>%ASA-5-111008: User 'enable_15' executed the 'exit' command.
<165>%ASA-5-111005: console end configuration: OK
<165>%ASA-5-111007: Begin configuration: console reading from terminal
<165>%ASA-5-111008: User 'enable_15' executed the 'configure terminal' command.

I have one more query which is not related to the above.

If I have 2 messages to be sent as warnings (though the default level is something else) to the syslog server, can I specify my customized severity level as mentioned below?

logging list MYLIST message 111008-111009
logging trap MYLIST

111008 is having LEVEL 5

111009 is having LEVEL 7

If I configure the below in addition to the above, will I get both the messages in syslog as level warnings?

logging message 111008 level warnings
logging message 111009 level warnings

I am not aware that <165> is anything significant in regard to the syslog message itself. Can you please advise on which syslog you are actually seeing this: whether it is through console logging, buffered logging, monitor, or on the syslog server itself?

I just quickly did a lab recreate on buffered logging and didn't see the <165>, as the syslog message itself started from the % sign:

%ASA-5-111008: User 'enable_15' executed the 'logging buffered debugging' command.
%ASA-5-111005: console end configuration: OK

In regard to changing the syslog message level to the level that you wanted, you are absolutely right.

From your example:

Syslog# 111008 (level 5) will be changed to level warnings with "logging message 111008 level warnings" command.
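
Added example, not part of the thread or of Cisco's documentation: a leading `<n>` on a syslog line received over the network is the standard syslog PRI field (facility × 8 + severity, RFC 3164/5424), so `<165>` decodes to facility 20 (local4) and severity 5, which matches the `-5-` in `%ASA-5-111008`. The Python sketch below parses the lines quoted in this thread and checks each message ID against the 'config' class prefixes (111, 112, 208, 308) given in the reply above; the function and field names are illustrative.

```python
import re

# Message-ID prefixes of the ASA 'config' class, as listed in the thread.
CONFIG_CLASS_PREFIXES = ("111", "112", "208", "308")

# Optional syslog PRI (<n>), then %ASA-<severity>-<message id>: <text>
LINE_RE = re.compile(r"^(?:<(\d{1,3})>)?%ASA-(\d)-(\d{6}): (.*)$")
# Text layout of message 111008 as it appears in the thread.
CMD_RE = re.compile(r"User '([^']*)' executed the '(.*)'\s+command\.$")


def decode_pri(pri):
    """Split a syslog PRI into (facility, severity); PRI = facility*8 + severity."""
    if not 0 <= pri <= 191:
        raise ValueError(f"PRI out of range: {pri}")
    return divmod(pri, 8)


def parse_asa_line(line):
    """Parse one ASA syslog line; return a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    pri, level, msg_id, text = m.groups()
    rec = {"level": int(level), "msg_id": msg_id, "text": text,
           "facility": None, "pri_severity": None,
           "config_class": msg_id.startswith(CONFIG_CLASS_PREFIXES),
           "user": None, "command": None}
    if pri is not None:
        rec["facility"], rec["pri_severity"] = decode_pri(int(pri))
    # Only 111008 carries the executed command; pull out user and command.
    cmd = CMD_RE.search(text) if msg_id == "111008" else None
    if cmd:
        rec["user"], rec["command"] = cmd.groups()
    return rec


# Lines copied from the thread; the last is the buffered-logging form without PRI.
SAMPLE = [
    "<165>%ASA-5-111008: User 'enable_15' executed the 'configure terminal' command.",
    "<165>%ASA-5-111005: console end configuration: OK",
    "%ASA-5-111008: User 'enable_15' executed the 'clear logging buffer'  command.",
]

if __name__ == "__main__":
    for line in SAMPLE:
        r = parse_asa_line(line)
        print(r["facility"], r["pri_severity"], r["level"], r["msg_id"],
              r["config_class"], r["command"])
```

The PRI field is added when the message is sent to a syslog server, which is consistent with the buffered-logging output above starting directly at the `%` sign.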
