Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
323
Views
1
Helpful
2
Replies

Cisco ASA - Syslog ID Numbers

guybrr
Level 1
Level 1

‎05-15-2024 01:07 AM

Hi,

According to table 43 in Cisco ASA docs: 
https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/about.html#con_4768518

the syslog logs of Cisco ASA suppose to contain a message ID of 3 numbers that indicates the type of the log.

I can't find that in my logs, but I can see the Message_number, for example (722051):
<164>Mar 21 2024 14:28:12: %ASA-4-722051: Group <ab-cd-efg-hhh-123> User <user.name@gmail.com> IP <8.8.8.8> IPv4 Address <10.0.0.1> IPv6 address <::> assigned to session

are the three first numbers of the message number correlates with the message ID? Which means in this case - SSL VPN Client?

Thanks 

Labels:
0 Helpful
2 Replies 2

MHM Cisco World
VIP
VIP

‎05-15-2024 01:20 AM

In same link you share 

Message number

A unique six-digit number that identifies the syslog message.

As I understand the first three digits for message class (also this show in link).

And yes this syslog for ssl vpn.

MHM

0 Helpful

guybrr
Level 1
Level 1
In response to MHM Cisco World

‎05-15-2024 01:46 AM

Thanks for the fast response.

Yes, the problem is that there is message_id in the table and message_number in the log format description.

I assumed that the first 3 are the class but it is not mentioned anywhere. 

Customers Also Viewed These Support Documents