Hi Marvin,

Please see below and suggest.

asa# sh access-list sfr
access-list sfr; 1 elements; name hash: 0x7b320f74
access-list sfr line 1 extended permit ip any any (hitcnt=9328926) 0x57cb890e
asa# sh access-list sfr
access-list sfr; 1 elements; name hash: 0x7b320f74
access-list sfr line 1 extended permit ip any any (hitcnt=9344021) 0x57cb890e

class-map sfr
match access-list sfr

policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect icmp
inspect pptp
inspect icmp error
inspect ip-options
class global_class
flow-export event-type all destination X.X.X.X
class sfr
sfr fail-open

asa# sh service-policy sfr

Global policy:
Service-policy: global_policy
Class-map: sfr
SFR: card status Up, mode fail-open
packet input 9897398, packet output 9897461, drop 0, reset-drop 0

asa# sh service-policy sfr

Global policy:
Service-policy: global_policy
Class-map: sfr
SFR: card status Up, mode fail-open
packet input 9897868, packet output 9897931, drop 0, reset-drop 0