56-7
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter56 Configuring Threat Detection
Configuring Advanced Threat Detection Statistics
Security Context Guidelines
Only TCP Intercept statistics are available in multiple mode.
Firewall Mode Guidelines
Supported in routed and transparent firewall mode.
Types of Traffic Monitored
Only through-the-box traffic is monitored; to-the-box traffic is not included in threat detection.
Default Settings
By default, statistics for access lists are enabled.
Configuring Advanced Threat Detection Statistics
By default, statistics for access lists are enabled. To enable other statistics, perform the following steps.
Detailed Steps
Command Purpose
Step1 threat-detection statistics
Example:
hostname(config)# threat-detection statistics
(Optional) Enables all statistics.
To enable only certain statistics, enter this command
for each statistic type (shown in this table), and do
not also enter the command without any options.
You c an ent er threat-detection statistics (without
any options) and then customize certain statistics by
entering the command with statistics-specific
options (for example, threat-detection statistics
host number-of-rate 2). If you enter
threat-detection statistics (without any options)
and then enter a command for specific statistics, but
without any statistic-specific options, then that
command has no effect because it is already enabled.
If you enter the no form of this command, it removes
all threat-detection statistics commands, including
the threat-detection statistics access-list
command, which is enabled by default.
Step2 threat-detection statistics access-list
Example:
hostname(config)# threat-detection statistics
access-list
(Optional) Enables statistics for access lists (if they
were disabled previously). Statistics for access lists
are enabled by default. Access list statistics are only
displayed using the show threat-detection top
access-list command. This command is enabled by
default.