If I understood you correctly, you want some sort of reference for the level of logging by device type (this would be related to Annex A.12.4 - Log and monitoring, not A.12.6 - Technical vulnerability management).
Considering that, there is no such template in the toolkit, since for each organization the level of logging, or which device type should be logged, may vary according to the organization's risk tolerance, results of risk assessment, and applicable legal requirements (e.g., laws, regulations, and contracts). Additionally, such documents may mislead organizations while implementing their own logging practices, because they may understand that these are the solution for their risk, without considering their own organizational context.
For example, for a firewall log, you can adopt source and destination IP, date, user, and for workstation log you can use IP, date, user, successful/failed login, etc.
This article will provide you a further explanation about logging: