Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
596
Views
0
Helpful
1
Replies

Cisco ASA Mail Logging - Group syslog messages

Christian Woegerbauer
Level 1
Level 1

‎06-07-2015 05:00 AM - edited ‎03-11-2019 11:04 PM

Hello!

I configured logging via e-mail for messages related to the Cisco ASA botnet filter. It should send syslog messages to the admin when the botnet filter recognizes traffic from infected hosts :

logging list e-mail-notification message 338002
logging list e-mail-notification message 338001
logging list e-mail-notification message 338003
logging list e-mail-notification message 338004
logging mail e-mail-notification
logging from-address firewall@domain.com
logging recipient-address admin@domain.com level warnings

 

The logging works fine, mails are sent. But I receive one email per syslog messages. So if there are 1000 syslog messages regarding the botnet filter the admin got 1000 mails in his inbox.

My question is, is it possible to summarize/group these messages into one mail? For instance to send an email each 100 syslog messages with these 100 messages in the body.

 

Thanks,

Woger

Labels:
0 Helpful
1 Reply 1

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎06-07-2015 08:17 PM

Hi,

This is not possible to configure on the ASA device. The reason is that if you group all the syslog together , how would the ASA device judge when to send the trigger out. If only a single syslog is generated and not the others.

The trigger can only be a syslog being generated.

Thanks and Regards,

Vibhor Amrodia

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card