Botnet logs

Unanswered Question
Jun 4th, 2010
User Badges:

We just installed Botnet on our ASA firewalls.  Is there a way to have the botnet logs forwarded to email?  I've looked through all the settings and can't seem to find anything.  Thanks for the help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
tprendergast Fri, 06/04/2010 - 14:04
User Badges:
  • Silver, 250 points or more

They can go to syslog, and you can then have a daemon parse syslog and send it to you via email if you like. That's usually a scripted method we've used to achieve this.

Robert Zeff Sat, 05/26/2012 - 21:12
User Badges:

Create a logging event list (ASDM : Configuration/Logging/Event Lists)
Use Message IDs 338201-338202 and 338001-338004)

Then in Logging Filters, enable email and select the event list.


Robert Zeff Sun, 05/27/2012 - 15:08
User Badges:

I should add, I don't see how to set the SMTP credentials for email.  Anyone?
I added the ASA's IP into the SMTP server's trusted list and it works.


This Discussion