If I'm troubleshooting something in particular on an ASA, then it's often useful to be able to filter the syslog messages I'm seeing to only those that are relevant. If I'm troubleshooting something like VPN tunnels, then I can filter by the "vpn" class using something like:
logging class vpn buffered 6
However, if I want to troubleshoot ACLs, then there isn't a class for that, even though there is a syslog "category" for those messages, in the sense they all begin with 106.
If I want to filter by a "category" that doesn't have a class defined, should I do something similar to the below, or is there a better way?
logging list mylist message 106000-106999
logging buffered mylist
This is obviously assuming I want to log to the internal buffer. I'd change the commands appropriately if I wanted to log to somewhere else.
Is there any particular reason why some of the syslog "categories" don't have a class defined? Is it just to avoid polluting the class namespace with tonnes of less-often-used class names?
Many thanks
