Solved: Re: smtp email logging alerts

lcaruso · ‎01-16-2011

Nowadays, most mail servers require authentication and many also require encryption. As far as I can tell, the ASA offers no alternative ports and authentication for email logging setup. Does that mean ASA email logging is not possible in modern environments? What workarounds are their for sending email based logging alerts when your site's email server won't let the ASA connect with old insecure protocols and no authentication?

ben_johnson · ‎01-16-2011

If the logging information you're after is typically also available via syslog you could send all of your alerts/warnings/etc to your syslog server. You could then employ a script, such as "swatch" for most *nix varieties, that will watch the log file on the server for "interesting messages" and email those to you. This is one of the methods I employ as a more pro-active way to monitor syslog messages coming from our Cisco devices.

You can find swatch here if you're interested: http://sourceforge.net/projects/swatch/

Cheers,

Ben.

View solution in original post

ben_johnson · ‎01-16-2011

If the logging information you're after is typically also available via syslog you could send all of your alerts/warnings/etc to your syslog server. You could then employ a script, such as "swatch" for most *nix varieties, that will watch the log file on the server for "interesting messages" and email those to you. This is one of the methods I employ as a more pro-active way to monitor syslog messages coming from our Cisco devices.

You can find swatch here if you're interested: http://sourceforge.net/projects/swatch/

Cheers,

Ben.

lcaruso · ‎01-17-2011

Thanks for your reply. That's a good idea for sites that are sending to syslog servers.