diff --git a/falco.yaml b/falco.yaml
index a0b5fa85..6fb19538 100644
--- a/falco.yaml
+++ b/falco.yaml
@@ -80,7 +80,7 @@ buffered_outputs: false
 #
 # The rate at which log/alert messages are emitted is governed by a
 # token bucket. The rate corresponds to one message every 30 seconds
-# with a burst of one message.
+# with a burst of one message (by default).
 #
 # The messages are emitted when the percentage of dropped system calls
 # with respect the number of events in the last second
diff --git a/userspace/falco/event_drops.cpp b/userspace/falco/event_drops.cpp
index 16ae2478..3d646c15 100644
--- a/userspace/falco/event_drops.cpp
+++ b/userspace/falco/event_drops.cpp
@@ -87,14 +87,11 @@ bool syscall_evt_drop_mgr::process_event(sinsp *inspector, sinsp_evt *evt)
 delta.n_drops++;
 }
- if(m_simulate_drops || (delta.n_drops > 0 && delta.n_evts > 0))
+ if(delta.n_drops > 0)
 {
 double ratio = delta.n_drops;
- // Number of events can possiblity be zero here only when simulating drops
- // In which case, ratio holds an infinite value
- // Assuming IEC 559 (aka IEEE 754 - std::numeric_limits::is_iec559) is true
- // Anyways, this is always greater than zero when not simulating drops
- ratio /= delta.n_evts;
+ // Assuming the number of event does not contains the dropped ones
+ ratio /= delta.n_drops + delta.n_evts;
 // When simulating drops the threshold is always zero
 if(ratio > m_threshold)
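Review bot: The new denominator `delta.n_drops + delta.n_evts` depends on `n_evts` excluding dropped events, which the added comment only assumes and nothing in the hunk establishes. If the counter already includes drops, the ratio is understated (by up to half when nearly everything is dropped), so the alert that tells an operator the sensor missed syscalls would trip later than the configured threshold intends. I would check this where `delta` is filled and, once confirmed, state it as fact rather than assumption, e.g. `// n_evts excludes dropped events, so n_drops + n_evts is the total for the interval`. process_event starts and ends outside the hunk, so the code that populates the counters is not visible here.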