Taille de bloc NTLMEvent de la base de données - Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth (UnitMonitor) (FRA)

Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth (UnitMonitor)

Moniteur de performances pour la taille de bloc NTLMEvent de la base de données du centre Microsoft ATA 1.8

Knowledge Base article:

Récapitulatif

Nombre d'activités réseau d'un type spécifique en attente d'écriture dans la base de données.

Doit être inférieure à la valeur maximale-1 (valeur maximale par défaut : 50000)

Element properties:

Target

Microsoft.AdvancedThreatAnalytics.1_8.Center

Parent Monitor

System.Health.PerformanceState

Category

PerformanceHealth

Enabled

True

Instance Name

Microsoft ATA Center

Counter Name

Database NTLMEvent Block Size

Frequency

Alert Generate

True

Alert Severity

Warning

Alert Priority

Normal

Alert Auto Resolve

True

Monitor Type

System.Performance.ConsecutiveSamplesThreshold

Remotable

True

Accessibility

Public

Alert Message

Alerte de la taille de bloc NTLMEvent de la base de données

Instance {0}
Objet {1}
Compteur {2}
A la valeur {3}
À {4}

RunAs

Default

Source Code:

<UnitMonitor ID="Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth" Accessibility="Public" Enabled="true" Target="Microsoft.AdvancedThreatAnalytics.1_8.Center" ParentMonitorID="Health!System.Health.PerformanceState" Remotable="true" Priority="Normal" TypeID="Perf!System.Performance.ConsecutiveSamplesThreshold" ConfirmDelivery="false"> <Category>PerformanceHealth</Category> <AlertSettings AlertMessage="Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth.Alert"> <AlertOnState>Warning</AlertOnState> <AutoResolve>true</AutoResolve> <AlertPriority>Normal</AlertPriority> <AlertSeverity>Warning</AlertSeverity> <AlertParameters> <AlertParameter1>$Data[Default='']/Context/InstanceName$</AlertParameter1> <AlertParameter2>$Data[Default='']/Context/ObjectName$</AlertParameter2> <AlertParameter3>$Data[Default='']/Context/CounterName$</AlertParameter3> <AlertParameter4>$Data[Default='']/Context/SampleValue$</AlertParameter4> <AlertParameter5>$Data[Default='']/Context/TimeSampled$</AlertParameter5> </AlertParameters> </AlertSettings> <OperationalStates> <OperationalState ID="ConditionFalse" MonitorTypeStateID="ConditionFalse" HealthState="Success"/> <OperationalState ID="ConditionTrue" MonitorTypeStateID="ConditionTrue" HealthState="Warning"/> </OperationalStates> <Configuration> <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <CounterName>Database NTLMEvent Block Size</CounterName> <ObjectName>Microsoft ATA Center</ObjectName> <InstanceName>nt authority\system\microsoft.tri.center</InstanceName> <AllInstances>false</AllInstances> <Frequency>60</Frequency> <Threshold>50000</Threshold> <Direction>greater</Direction> <NumSamples>1</NumSamples> </Configuration> </UnitMonitor>