botfilter real-time report in ASDM

nikolaj joeker · ‎05-06-2015

I have botfilter installed and running on an ASA5520 sw 9.1(5) ASDM 7.3(3).

The filter is active an detecting and blocking.

The Statistics in ASDM Monitoring is showing detections and blockings, the Infected Hosts is showing detections by host as expected.

But the real-time report in Monitoring in ASDM dosn't show anything.

Ány suggestions how to solve that?

regards Nikolaj

Vibhor Amrodia · ‎05-06-2015

Hi,

Have you tried to check for these specific Syslog ID in the ASDM monitoring :-

338001 - 338004

338101 - 338104

338201 - 338204

338301 - 338310

Refer:-

http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logmsgs1.html#pgfId-5787165

Thanks and Regards,

Vibhor Amrodia

nikolaj joeker · ‎05-13-2015

hi

I'm not quite following.

These ID's seems to notify detections etc regarding the BOT filter.

The ASA is detecting the BOT traffic and blocking and allowing.

My problem is that the ADSM doesn't update the "real-time report" in the ASDM interface.

Vibhor Amrodia · ‎05-13-2015

Hi,

I am sorry. I misunderstood your question.

Upgrade to ASDM 7.4.1 and above to fix this Defect:-CSCuq59377

https://tools.cisco.com/bugsearch/bug/CSCuq59377/?reffering_site=dumpcr

Thanks and Regards,

Vibhor Amrodia