Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

scanning threat 733100 not showing source , destination or port

Running ASA 5510 with Software Version 8.2(2)

Device Manager 6.2(5)

We have threat detection enabled and shunning of hosts enabled .

 

We are seeing consistent logging of even 733100:

4Sep 30 201410:12:59733100    [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 7 per second, max configured rate is 5; Cumulative total count is 4383

 

 

 

The source and destination IPs are not being shown for any of these scans . Is there a setting that I am missing ? Obviously we cannot shun any hosts if we don't have a host IP address .

Any input would be greatly appreciated.

 

thanks

Jack

1 REPLY
Cisco Employee

Hi Jack,As per your

Hi Jack,

As per your description , I think you only have the Basic Threat Detection enabled on the ASA device.

This syslog will never show the IP address. If you want to check the statistics per IP address basis , you would have to configure the Threat Detection Statistics on the ASA device:-

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/conns_threat.html#wp1091680

Thanks and Regards,

Vibhor Amrodia

 

122
Views
0
Helpful
1
Replies
CreatePlease to create content