How to customize SourceFire Alerts

Unanswered Question
Feb 21st, 2017
User Badges:

Right now, I get an email 'From: SourceFire Alerts' on any event that occurs. So for example 

[1:31600:1] "BLACKLIST DNS reverse lookup response for known malware domain test.ru {udp} 43.94.131.1:53  (united states)->152.41.14.51:65401 (unknown)

I want to be able to customize  this default alert so that our team gets more readable alerts in the mail. I'm not really sure on whether I have to make an api call or where to begin. All I was given was access to my company's cisco firepower manager. Does anyone have an idea on where to start?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion