Configuring Cisco ASA firewall to Email Critical Log Events
Cisco ASA firewalls can be configured to send logs via email, this could be used be used for all event types but unless you dont mind getting spammed use it for receiving alert or critical events only.
example:
logging enable
logging timestamp
smtp-server 172.16.1.XX
logging mail alert
logging from-address ASA@domainame.com
logging recipient-address asa-admin@domain.com level alert
logging enable
logging timestamp
smtp-server 172.16.1.XX
logging mail alert
logging from-address ASA@domainame.com
logging recipient-address asa-admin@domain.com level alert
If you would like to be alerted only when certain critical messages are generated then you should create a
logging list and then associate it with the logging mail command as shown below
logging enable
logging timestamp
smtp-server 172.16.1.XX
logging list critical-events level critical
logging list critical-events message 201003
logging mail critical-events
logging from-address ASA@domainame.com
logging recipient-address asa-admin@domain.com level critical
logging timestamp
smtp-server 172.16.1.XX
logging list critical-events level critical
logging list critical-events message 201003
logging mail critical-events
logging from-address ASA@domainame.com
logging recipient-address asa-admin@domain.com level critical
No comments:
Post a Comment