05-15-2024 01:07 AM
Hi,
According to table 43 in Cisco ASA docs:
https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/about.html#con_4768518
the syslog logs of Cisco ASA suppose to contain a message ID of 3 numbers that indicates the type of the log.
I can't find that in my logs, but I can see the Message_number, for example (722051):
<164>Mar 21 2024 14:28:12: %ASA-4-722051: Group <ab-cd-efg-hhh-123> User <user.name@gmail.com> IP <8.8.8.8> IPv4 Address <10.0.0.1> IPv6 address <::> assigned to session
are the three first numbers of the message number correlates with the message ID? Which means in this case - SSL VPN Client?
Thanks
05-15-2024 01:20 AM
In same link you share
Message number
A unique six-digit number that identifies the syslog message.
As I understand the first three digits for message class (also this show in link).
And yes this syslog for ssl vpn.
MHM
05-15-2024 01:46 AM
Thanks for the fast response.
Yes, the problem is that there is message_id in the table and message_number in the log format description.
I assumed that the first 3 are the class but it is not mentioned anywhere.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide