Botnet logs

Unanswered Question
Jun 4th, 2010

We just installed Botnet on our ASA firewalls.  Is there a way to have the botnet logs forwarded to email?  I've looked through all the settings and can't seem to find anything.  Thanks for the help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
tprendergast Fri, 06/04/2010 - 14:04

They can go to syslog, and you can then have a daemon parse syslog and send it to you via email if you like. That's usually a scripted method we've used to achieve this.

Robert Zeff Sat, 05/26/2012 - 21:12

Create a logging event list (ASDM : Configuration/Logging/Event Lists)
Use Message IDs 338201-338202 and 338001-338004)

Then in Logging Filters, enable email and select the event list.

-Robert

Robert Zeff Sun, 05/27/2012 - 15:08

I should add, I don't see how to set the SMTP credentials for email.  Anyone?
I added the ASA's IP into the SMTP server's trusted list and it works.

Actions

This Discussion