Running ASA 5510 with Software Version 8.2(2)
Device Manager 6.2(5)
We have threat detection enabled and shunning of hosts enabled .
We are seeing consistent logging of even 733100:
4 | Sep 30 2014 | 10:12:59 | 733100 | | | | | [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 7 per second, max configured rate is 5; Cumulative total count is 4383 |
The source and destination IPs are not being shown for any of these scans . Is there a setting that I am missing ? Obviously we cannot shun any hosts if we don't have a host IP address .
Any input would be greatly appreciated.
thanks
Jack