MCPD log level explanation

I may not entirely understand your question. Let me know if this doesn't help.

For your first question - those options (alert, crit, notice, etc..) for the most part are standard syslog severity levels. See the syslog Wikipedia page for some general info. The levels themselves are just guidelines and applications map their specific errors to each level based on how severe the app's specific error is. F5 recently released a Log Messages List, but I am not aware of any reference that maps specific error messages to severity level.

Audit logging does cover config changes through the GUI and CLI. It also includes some system-level (non-user) config change events.

I'm not sure what you mean by combining those config changes. Basically each one allows you to control the level of logging for that function. Increasing audit logging would increase the granularity of config auditing, and decreasing the severity level (i.e. going down to DEBUG, for example) of mcpd logging would increase the logging of that system. Just be very careful of maximizing logging (using 'debug' or 'verbose' for example) as this can greatly increase the amount of logging and impact system performance. That's a general caution for any system.

Does that help or are you trying to capture some specific information?