You should be able to create a new filter that will be used by the Attack Response for ACL DENY. Go into the Monitor>Audit Viewing section and right click on ACL DENY. Click create new filter and modify the filter section to show:
event AUDIT_R_ACLDENY and not dst_ip 126.96.36.199/16
Give it a name and then save. Go to the Attack Responses (under Monitor) and modify the ACL DENY one to use your new filter.
OMG mtuma, your my hero! I didn't even know this capability existed! Do all custom filters show up in the pouplated list of attack types when in Monior>Attack Responses?
>Do all custom filters show up in the pouplated list of attack types when in Monior>Attack Responses?
They should yes. You just have to make sure you selected "Attack filter" when creating the filter (there is a radio button for that when creating the filter).