EventGroup and EventGroupDefinition Attributes for Some Syslog Messages
Some syslog events will have the additional attributes "EventGroup" and
"EventGroupDefinition". You will be able to filter the events table to find events using
these additional attributes by filtering by attribute:value pairs. For example, you
could filter for Application Firewall events by entering apfw:415* in
the search field of the Event Logging table.
Syslog Message Classes and Associated Message ID Numbers
|
EventGroup |
EventGroupDefinition |
Syslog Message ID Numbers (first 3 digits) |
|---|---|---|
| aaa/auth | User Authentication | 109, 113 |
| acl/session | Access Lists/User Session | 106 |
| apfw | Application Firewall | 415 |
| bridge | Transparent Firewall | 110, 220 |
| ca | PKI Certification Authority | 717 |
| citrix | Citrix Client | 723 |
| clst | Clustering | 747 |
| cmgr | Card Management | 323 |
| config | Command Interface | 111, 112, 208, 308 |
| csd | Secure Desktop | 724 |
| cts | Cisco TrustSec | 776 |
| dap | Dynamic Access Policies | 734 |
| eap, eapoudp | EAP or EAPoUDP for Network Admission Control | 333, 334 |
| eigrp | EIGRP Routing | 336 |
| E-mail Proxy | 719 | |
| ipaa/envmon | Environment Monitoring | 735 |
| ha | Failover | 101, 102, 103, 104, 105, 210, 311, 709 |
| idfw | Identity-based Firewall | 746 |
| ids | Intrusion Detection System | 733 |
| ids/ips | Intrusion Detection System / Intrusion Protection System | 400 |
| ikev2 | IKEv2 Toolkit | 750, 751, 752 |
| ip | IP Stack | 209, 215, 313, 317, 408 |
| ipaa | IP Address Assignment | 735 |
| ips | Intrusion Protection System | 401, 420 |
| ipv6 | IPv6 | 325 |
| l4tm | Block lists, Allow lists, grey lists | 338 |
| lic | Licensing | 444 |
| mdm-proxy | MDM Proxy | 802 |
| nac | Network Admission Control | 731, 732 |
| vpn/nap | IKE and IPsec / Network Access Point | 713 |
| np | Network Processor | 319 |
| ospf | OSPF Routing | 318, 409, 503, 613 |
| passwd | Password Encryption | 742 |
| pp | Phone Proxy | 337 |
| rip | RIP Routing | 107, 312 |
| rm | Resource Manager | 321 |
| sch | Smart Call Home | 120 |
| session | User Session | 108, 201, 202, 204, 302, 303, 304, 314, 405, 406, 407, 500, 502, 607, 608, 609, 616, 620, 703, 710 |
| session/natpat | User Session/NAT and PAT | 305 |
| snmp | SNMP | 212 |
| ssafe | ScanSafe | 775 |
| ssl/np ssl | SSL Stack/NP SSL | 725 |
| svc | SSL VPN Client | 722 |
| sys | System | 199, 211, 214, 216, 306, 307, 315, 414, 604, 605, 606, 610, 612, 614, 615, 701, 711, 741 |
| tre | Transactional Rule Engine | 780 |
| ucime | UC-IME | 339 |
| tag-switching | Service Tag Switching | 779 |
| td | Threat Detection | 733 |
| vm | VLAN Mapping | 730 |
| vpdn | PPTP and L2TP Sessions | 213, 403, 603 |
| vpn | IKE and IPsec | 316, 320, 402, 404, 501, 602, 702, 713, 714, 715 |
| vpnc | VPN Client | 611 |
| vpnfo | VPN Failover | 720 |
| vpnlb | VPN Load Balancing | 718 |
| vxlan | VXLAN | 778 |
| webfo | WebVPN Failover | 721 |
| webvpn | WebVPN and AnyConnect Client | 716 |
| session/natpat | User Session / NAT and PAT | 305 |