I've yet to use this feature of MARS on a production network. I can tell you what the book by Dale Tesch has to say about your question regarding the VA logs:
"Vulnerability data cannot be viewed in CS-MARS."
The book goes on to state, "CS-MARS does not do a full-blown VA on a target machine but it selects tests to run based on the traffic seen."
This doesn't appear to be a well documented feature of MARS. Hopefully Cisco will augment the literature on this subject. For now the VA process may simply fall under the category, as much of MARS does, of being proprietary information.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...