12-30-2012 06:15 PM - edited 03-11-2019 05:42 PM
Hey guys,
We have a 5585X running in multi context mode, and we are getting log entries for scanning threat detection, such as:
%ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 5 per second, max configured rate is 5; Cumulative total count is 3116
Threat detection is not supported in multi context mode so I cannot tune the thresholds, is there any way that I can get rid of this outside of messing about with logging levels/message IDs?
12-31-2012 12:31 AM
check the output of show run threat-detection or show run | in threat in all contexts.
it there is any config enabled then negate it using no command.
01-01-2013 04:59 PM
The only config under any context is:
pri/act/fakename/admin# sh run | inc threat
no threat-detection statistics tcp-intercept
Which is also the only threat-detection config available:
pri/act/fakename/admin(config)# threat-detection ?
configure mode commands/options:
statistics Keyword to configure statistics of threat detection
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide