Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to customize SourceFire Alerts

Right now, I get an email 'From: SourceFire Alerts' on any event that occurs. So for example 

[1:31600:1] "BLACKLIST DNS reverse lookup response for known malware domain test.ru {udp} 43.94.131.1:53  (united states)->152.41.14.51:65401 (unknown)

I want to be able to customize  this default alert so that our team gets more readable alerts in the mail. I'm not really sure on whether I have to make an api call or where to begin. All I was given was access to my company's cisco firepower manager. Does anyone have an idea on where to start?

32
Views
0
Helpful
0
Replies