
Forum Discussion

Michael_107360
Aug 24, 2016

Email Sent with DDOS "Attack Started"

Using the DDoS profile that comes with ASM, I am looking to send an email to security when a DDoS attack begins.

 

I am familiar with sending emails based on "messages" in the LTM logs, or using SNMP traps. I was under the impression you can create a logging profile with DoS protection enabled, select the local publisher, and then assign the profile to the VIP in question. This will essentially double up the "ATTACK STARTED" messages by also sending a copy to the ASM logs, so if you are suddenly getting double e-mails for each event then removing the log profile should address that. Although I have other emails working for other messages, this seems to continue to be an issue. Has anyone ever configured this and got it to work?

 

Sample message:

DOSL7D|NOTICE|Jul 27 10:14:24.791|12184|dosl7d_anomaly_engine.cpp:2782|>>>>>>>>> ATTACK STARTED on TPS /DevQa/V249.48-P443 MODE from 209.118.108.195%1 detection: 40.41 legitimate: 2.99 attack id: 896749234 Mitigation:Source IP-Based Rate Limiting <<<<<<<<<
DOSL7D|NOTICE|Jul 27 10:15:23.490|12184|dosl7d_anomaly_engine.cpp:2725|>>>>>>>>> END ATTACK on vs /DevQa/V249.48-P443 no more relevant suspicious entities <<<<<<<<<
DOSL7D|NOTICE|Jul 27 10:15:23.490|12184|dosl7d_stats.c:0419|Stats for ended attack on vs /DevQa/V249.48-P443 profile /DevQa/sso_whitelist:

 

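An added example, not part of the original post and not F5 code: a parser for the DOSL7D "ATTACK STARTED" line that builds one notification e-mail per attack id, so the same event collected from two log destinations alerts only once. The field layout is assumed from the single sample line in the post; the function names, addresses and sample values are constructed for illustration.

```python
import re
from email.message import EmailMessage

# Constructed sample in the layout of the post's log lines (names, id and the
# RFC 5737 address are made up). The first line appears twice, as it would if
# the same event were collected from two log destinations.
_START = ("DOSL7D|NOTICE|Jul 27 10:14:24.791|12184|dosl7d_anomaly_engine.cpp:2782|"
          ">>>>>>>>> ATTACK STARTED on TPS /DevQa/example-vs MODE from 192.0.2.10%1 "
          "detection: 40.41 legitimate: 2.99 attack id: 1001 "
          "Mitigation:Source IP-Based Rate Limiting <<<<<<<<<")
_END = ("DOSL7D|NOTICE|Jul 27 10:15:23.490|12184|dosl7d_anomaly_engine.cpp:2725|"
        ">>>>>>>>> END ATTACK on vs /DevQa/example-vs no more relevant suspicious entities <<<<<<<<<")
SAMPLE_LOG = [_START, _START, _END]

# Assumed layout, taken from the one ATTACK STARTED line shown in the post.
START_RE = re.compile(
    r"ATTACK STARTED on (?P<kind>\S+) (?P<vs>/\S+) MODE from (?P<src>\S+) "
    r"detection: (?P<detection>[\d.]+) legitimate: (?P<legitimate>[\d.]+) "
    r"attack id: (?P<attack_id>\d+) Mitigation:\s*(?P<mitigation>.*?)\s*<+\s*$")

def parse_attack_start(line):
    """Return the fields of an ATTACK STARTED line, or None for any other line."""
    fields = line.rstrip("\n").split("|", 5)
    if len(fields) != 6 or fields[0] != "DOSL7D":
        return None
    m = START_RE.search(fields[5])
    if m is None:
        return None
    event = m.groupdict()
    event["time"] = fields[2]
    # The source is logged as address%route-domain.
    event["src_ip"], _, event["route_domain"] = event.pop("src").partition("%")
    return event

def build_alerts(lines, to_addr, from_addr):
    """Build one e-mail per attack id, so a duplicated log line alerts once."""
    seen, alerts = set(), []
    for line in lines:
        ev = parse_attack_start(line)
        if ev is None or ev["attack_id"] in seen:
            continue
        seen.add(ev["attack_id"])
        msg = EmailMessage()
        msg["To"], msg["From"] = to_addr, from_addr
        msg["Subject"] = f"L7 DoS attack started on {ev['vs']} (id {ev['attack_id']})"
        msg.set_content(
            f"Time: {ev['time']}\nSource: {ev['src_ip']} (route domain {ev['route_domain']})\n"
            f"Detection: {ev['detection']}  Legitimate: {ev['legitimate']}\n"
            f"Mitigation: {ev['mitigation']}\n")
        alerts.append(msg)
    return alerts

if __name__ == "__main__":
    for alert in build_alerts(SAMPLE_LOG, "security@example.com", "bigip@example.com"):
        print(alert)
```

Each returned message can be handed to `smtplib.SMTP.send_message` on whatever host collects the log.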