https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437117#M268800 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>If you would like to stop the<STRONG>"drop rate-<X> exceeded" </X></STRONG>messages for a specific host , that would not be possible on the ASA device. Depending on the configuration on the ASA device , if you have Scanning threat detecttion enabled and this server is being shunned , you would be able to exclude this host using <STRONG>threat-detection scanning-threat except </STRONG>command on the ASA device.</P><P></P><P>Thanks and Regards,</P><P>Vibhor</P></BODY></HTML> Sat, 01 Mar 2014 20:37:27 GMT Vibhor Amrodia 2014-03-01T20:37:27Z https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437116#M268799 <P>In our ASA 5520 we see a lot of messages with "drop rate-&lt;x&gt; exceeded". These messages are caused by our Zabbix server that is pinging to about 300 network routers in our nation wide retail network every 60 seconds.</P><P>I know that we can ignore these messages or change the threat-detection rate settings. But what we really want is just to exclude the thread-detection for our Zabbix host.</P><P></P><P>Is it possible and how?</P> Tue, 12 Mar 2019 03:52:24 GMT https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437116#M268799 n.vd.coevering 2019-03-12T03:52:24Z https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437117#M268800 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>If you would like to stop the<STRONG>"drop rate-<X> exceeded" </X></STRONG>messages for a specific host , that would not be possible on the ASA device. Depending on the configuration on the ASA device , if you have Scanning threat detecttion enabled and this server is being shunned , you would be able to exclude this host using <STRONG>threat-detection scanning-threat except </STRONG>command on the ASA device.</P><P></P><P>Thanks and Regards,</P><P>Vibhor</P></BODY></HTML> Sat, 01 Mar 2014 20:37:27 GMT https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437117#M268800 Vibhor Amrodia 2014-03-01T20:37:27Z https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437118#M268801 <HTML><HEAD></HEAD><BODY><P>Thanks Vibhor for confirming what I thought. We are still debating if we are going to enable shunning.</P></BODY></HTML> Sun, 02 Mar 2014 21:56:55 GMT https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437118#M268801 n.vd.coevering 2014-03-02T21:56:55Z https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437119#M268802 <HTML><HEAD></HEAD><BODY><P>but you could enable shunning and disable shun for the zabix host, why not test this behavior ???</P></BODY></HTML> Mon, 03 Mar 2014 17:47:01 GMT https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437119#M268802 INGENIERIA Y CONSULTORIAS WEBREDES LTDA 2014-03-03T17:47:01Z https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437120#M268803 <HTML><HEAD></HEAD><BODY><P>Yes, this is possible. But after enabling shunning and excluding the host, warning messages still keep appearing for his host.</P></BODY></HTML> Tue, 04 Mar 2014 10:49:25 GMT https://community.cisco.com/t5/network-security/drop-rate-exceeded-exclude-specific-host/m-p/2437120#M268803 n.vd.coevering 2014-03-04T10:49:25Z