With the Cisco device, if traffic is shunned, it should generate a different message than the ACL blocks. The event you pasted, "ACL Inside Access in Denied TCP Packet," is telling you that your "Inside Access in" is what blocked the traffic. A shun is a little bit different.
Looking at the shun command, you can't actually turn off logging (some firewalls let you turn off logs for blacklisted/shunned IPs), so you should see messages if a shun is hit.
Here's some thoughts of messages to look for, from Cisco ASA Series Syslog Messages - Syslog Messages 101001-520025 [Cisco ASA 5500-X Series Firewalls] - Cisco
401002 - Shun Added
Error Message %ASA-4-401002: Shun added: IP_address IP_address port port
401003 - Shun Deleted
Error Message %ASA-4-401003: Shun deleted: IP_address
401004 - Shunned traffic detected
Error Message %ASA-4-401004: Shunned packet: IP_address = IP_address on interface interface_name
You will see these strings - 401002, 401003, 401004 - in the ProviderSID field coming from LEM. It should include literally "ASA-4-401004" but if someone has changed the severity manually the 4 will be something else. Easiest approach is probably to clone your firewall filter or create a new one that looks for "Any Alert.ProviderSID = *40100*" (or explicitly 401004, 401003, or 401002 depending on what you want to look for).