ASA Scanning logs

network_team
Level 1

Hi, can anyone explain the below? We have just installed an ASA5550 ver 8.0.3 and replaced a PIX 525, and we are receiving these messages a lot:

[ Scanning] drop rate-2 exceeded. Current burst rate is 8 per second, max configured rate is 8; Current average rate is 8 per second, max configured rate is 4; Cumulative total count is 29362

2 Replies

jj27
Spotlight

Sounds like threat-detection is enabled and configured to allow a burst rate of 4kbps. Can you post a running-configuration?

Check this:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml#sol6

suschoud
Cisco Employee

If you issue the command: sh run all, you can see the default configuration which you do not normally see.

You would see:

threat-detection rate scanning-threat rate-interval 3600 average-rate 4 burst-rate 8

which suggests the parameters for the "threat detection scanning threat feature".

If you are getting too many logs:

1. Disable threat detection altogether. The memory usage will also come down considerably when you do this.

2. Change the parameters by running the above command with different values.

I see that there is a match in burst rate value, so increase that to, let's say, 10.

I also see average configured rate is 4 and your f/w is seeing traffic of avg. rate of 8. So, change it to 10 or 12. That should take care of log messages.

Last, disable the message itself so that you don't see it.

no logging message

Regards,

Sushil
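An added example, not part of the original replies: a Python parser for the message text quoted in the question. It reports whether each current rate exceeds, matches or is below its configured maximum and tracks the peak observed rates, so new thresholds can be chosen from logged data. The second sample line is constructed, and all function names are illustrative.

```python
import re

# Matches the message text shown in the thread; whitespace inside [ ] varies.
PATTERN = re.compile(
    r"\[\s*(?P<object>[^\]]+?)\s*\]\s+drop rate-(?P<rate_id>\d+) exceeded\.\s+"
    r"Current burst rate is (?P<burst>\d+) per second, "
    r"max configured rate is (?P<burst_max>\d+);\s+"
    r"Current average rate is (?P<avg>\d+) per second, "
    r"max configured rate is (?P<avg_max>\d+);\s+"
    r"Cumulative total count is (?P<total>\d+)"
)

def compare(current, configured):
    if current > configured:
        return "exceeds"
    return "matches" if current == configured else "below"

def parse_line(line):
    m = PATTERN.search(line)
    if m is None:
        return None  # not a drop-rate message
    rec = {k: (v if k == "object" else int(v)) for k, v in m.groupdict().items()}
    rec["burst_state"] = compare(rec["burst"], rec["burst_max"])
    rec["avg_state"] = compare(rec["avg"], rec["avg_max"])
    return rec

def summarize(lines):
    """Per (object, rate_id): message count and peak observed rates."""
    summary = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        key = (rec["object"], rec["rate_id"])
        s = summary.setdefault(key, {"messages": 0, "peak_burst": 0, "peak_avg": 0})
        s["messages"] += 1
        s["peak_burst"] = max(s["peak_burst"], rec["burst"])
        s["peak_avg"] = max(s["peak_avg"], rec["avg"])
    return summary

# First line is the message from the thread; the second is constructed.
SAMPLE = [
    "[ Scanning] drop rate-2 exceeded. Current burst rate is 8 per second, max configured rate is 8; Current average rate is 8 per second, max configured rate is 4; Cumulative total count is 29362",
    "[ Scanning] drop rate-2 exceeded. Current burst rate is 11 per second, max configured rate is 8; Current average rate is 6 per second, max configured rate is 4; Cumulative total count is 30110",
    "unrelated line",
]

if __name__ == "__main__":
    for key, s in summarize(SAMPLE).items():
        print(key, s)
```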
