ì´ 모니İ늆AD FS ê°Â사 로그 ì´벤ʸ ì›Â본ì„ ì´벤ʸ ë·°ì–´ìÂËœ Windows 보안 ê°Â사 로그엠등ë¡Âՠ수 ì—†ìÂΓ„ 나À냅니다.
AD FS ê°Â사가 성공ì Â으로 기ë¡ÂëÂÅ“ 경우, 모니Ä°ê°€ 녹색 ìƒÂÜ로 변경ë˜고중욆경고가 ìžÂë™으로 Õ´ê²°ë©니다.
ÃŽ˜ëÂâ€Ã«Â ˆì´션 서비스ì—Âì„œ Windows ì´벤ʸ 로그를 사용՘여 ê°Â사를 초기Ãâ„¢â€Ã•˜ì§€ 못ֈ습니다. ì›Âì¸ì€ Windows 오류 ì½â€Ã«â€œÅ“와 ì´벤ʸ엠반Ù˜ëÂÅ“ 예외 ë°ì´Ä° 때문ì¼ 수 있습니다.
문제를 ë†ìžÂ세Þˆ 진단՘려면 ì´벤ʸ엠ìըëÂÅ“ 오류 ì½â€Ã«â€œÅ“와 예외 Ã…Â스ʸ를 검ƠÕ˜ì‹Â시오.
Target | Microsoft.ActiveDirectoryFederationServices.2016.FederationServer | ||
Parent Monitor | System.Health.SecurityState | ||
Category | SecurityHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.Windows.2SingleEventLog2StateMonitorType | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerAuditLogEventSourceCouldNotBeRegisteredErrorMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer" ParentMonitorID="Health!System.Health.SecurityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLog2StateMonitorType" ConfirmDelivery="true">
<Category>SecurityHealth</Category>
<AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerAuditLogEventSourceCouldNotBeRegisteredErrorMonitor_AlertMessageResourceID">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>Error</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="FirstEventRaised" MonitorTypeStateID="FirstEventRaised" HealthState="Error"/>
<OperationalState ID="SecondEventRaised" MonitorTypeStateID="SecondEventRaised" HealthState="Success"/>
</OperationalStates>
<Configuration>
<FirstComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>
<FirstLogName>$Target/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</FirstLogName>
<FirstExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">209</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>(^AD FS$)</Pattern>
</RegExExpression>
</Expression>
</And>
</FirstExpression>
<SecondComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>
<SecondLogName>Security</SecondLogName>
<SecondExpression>
<RegExExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>(^AD FS Auditing$)</Pattern>
</RegExExpression>
</SecondExpression>
</Configuration>
</UnitMonitor>