Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA Scanning logs

Hi can anyone explain the below. We have just installed ASA5550 ver 8.0.3 and replace a pix 525 and we are recieving these message alot

[ Scanning] drop rate-2 exceeded. Current burst rate is 8 per second, max configured rate is 8; Current average rate is 8 per second, max configured rate is 4; Cumulative total count is 29362


Re: ASA Scanning logs

Sounds like threat-detection is enabled and configured to allow a burst rate of 4kbps. Can you post a running-configuration?

Check this:

Cisco Employee

Re: ASA Scanning logs

If you issue the command : sh run all,you can see the default configuration which you do not normally see.

You would see :

threat-detection rate scanning-threat rate-interval 3600 average-rate 4 burst-rate 8

which suggests the parameters for the " threat detection scanning threat feature ".

If you are getting too much of logs :

1. Disable threat detection altogether.The memory usage will also come down considerably when you do this.

2. Change the parameters by running the above command with different values.

I see that there is a match in burst rate value,so increase that to ,let's say 10.

I also see average configured rate is 4 and your f/w is seeing traffic of avg. rate of 8.So,change it to 10 or 12.That should take care of log messages.

Last,disable the message itself so that you do n't see it.

no logging message



CreatePlease to create content