Syslog message classes and associated message ID numbers
You can use syslog message classes in two ways:
-
Specify an output location for an entire category of syslog messages.
-
Create a message list that specifies the message class.
Use the syslog message class to categorize syslog messages by type, such as features or functions of the device. For example, use the RIP class for RIP routing.
Syslog messages in the same class have the same three initial digits in their message ID numbers. For example, the syslog messages for the VPN client feature use ID numbers 611101 to 611323.
Most ISAKMP syslog messages include prepended objects that identify the tunnel. When available, these objects appear before the descriptive text of a syslog message. If the object is unknown when the syslog message is generated, the heading and value combination is omitted.
The objects are prefixed in this manner:
Group = groupname, Username = user, IP = IP_address
The term 'group' here refers to the tunnel-group configuration. The username is from the local database or AAA server. The IP address is the public IP address of the remote access client or Layer 2 peer.
See the message classes and the range of message ID numbers in each class in this table.
|
Class |
Definition |
Syslog Message ID Numbers |
|---|---|---|
|
auth |
User Authentication |
109, 113 |
|
— |
Access Lists |
106 |
|
— |
Application Firewall |
415 |
|
— |
Botnet Traffic Filtering |
338 |
|
bridge |
Transparent Firewall |
110, 220 |
|
ca |
PKI Certification Authority |
717 |
|
citrix |
Citrix Client |
723 |
|
— |
Clustering |
747 |
|
— |
Card Management |
323 |
|
config |
Command Interface |
111, 112, 208, 308 |
|
csd |
Secure Desktop |
724 |
|
cts |
Cisco TrustSec |
776 |
|
dap |
Dynamic Access Policies |
734 |
|
EAP, eapoudp |
EAP or EAPoUDP for Network Admission Control |
333, 334 |
|
EIGRP |
EIGRP Routing |
336 |
|
|
E-mail Proxy |
719 |
|
— |
Environment Monitoring |
735 |
|
ha |
Failover |
101, 102, 103, 104, 105, 210, 311, 709 |
|
— |
Identity-based Firewall |
746 |
|
ids |
Intrusion Detection System |
400, 733 |
|
— |
IKEv2 Toolkit |
750, 751, 752 |
|
IP |
IP Stack |
209, 215, 313, 317, 408 |
|
ipaa |
IP Address Assignment |
735 |
|
ips |
Intrusion Protection System |
400, 401, 420 |
|
— |
IPv6 |
325 |
|
— |
Licensing |
444 |
|
MDM-proxy |
MDM Proxy |
802 |
|
NAC |
Network Admission Control |
731, 732 |
|
nacpolicy |
NAC Policy |
731 |
|
nacsettings |
NAC Settings to apply NAC Policy |
732 |
|
— |
NAT and PAT |
305 |
|
— |
Network Access Point |
713 |
|
NP |
Network Processor |
319 |
|
— |
NP SSL |
725 |
|
OSPF |
OSPF Routing |
318, 409, 503, 613 |
|
— |
Password Encryption |
742 |
|
— |
Phone Proxy |
337 |
|
RIP |
RIP Routing |
107, 312 |
|
rm |
Resource Manager |
321 |
|
— |
Smart Call Home |
120 |
|
session |
User Session |
106, 108, 201, 202, 204, 302, 303, 304, 305, 314, 405, 406, 407, 500, 502, 607, 608, 609, 616, 620, 703, 710 |
|
SNMP |
SNMP |
212 |
|
— |
ScanSafe |
775 |
|
SSL |
SSL Stack |
725 |
|
svc |
SSL VPN Client |
722 |
|
sys |
System |
199, 211, 214, 216, 306, 307, 315, 414, 604, 605, 606, 610, 612, 614, 615,701, 711, 741 |
|
— |
Threat Detection |
733 |
|
tag-switching |
Service Tag Switching |
779 |
|
transactional-rule-engine-tre |
Transactional Rule Engine |
780 |
|
uc-IMS |
UC-IMS |
339 |
|
vm |
VLAN Mapping |
730 |
|
vpdn |
PPTP and L2TP Sessions |
213, 403, 603 |
|
VPN |
IKE and IPsec |
316, 320, 402, 404, 501, 602, 702, 713, 714, 715 |
|
vpnc |
VPN Client |
611 |
|
vpnfo |
VPN Failover |
720 |
|
vpnlb |
VPN Load Balancing |
718 |
|
— |
VXLAN |
778 |
|
webfo |
WebVPN Failover |
721 |
|
webvpn |
WebVPN and Secure Client |
716 |