Rozmiar bloku NTLMEvent bazy danych - Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth (UnitMonitor) (PLK)

Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth (UnitMonitor)

Monitor wydajności dla centrum usługi Microsoft ATA 1.8 — rozmiar bloku NTLMEvent bazy danych

Knowledge Base article:

Podsumowanie

Liczba działań w sieci określonego typu znajdujących się w kolejce w celu zapisania w bazie danych.

Ta wartość powinna być mniejsza niż wartość maksymalna - 1 (domyślna wartość maksymalna: 50000)

Element properties:

Target

Microsoft.AdvancedThreatAnalytics.1_8.Center

Parent Monitor

System.Health.PerformanceState

Category

PerformanceHealth

Enabled

True

Instance Name

Microsoft ATA Center

Counter Name

Database NTLMEvent Block Size

Frequency

Alert Generate

True

Alert Severity

Warning

Alert Priority

Normal

Alert Auto Resolve

True

Monitor Type

System.Performance.ConsecutiveSamplesThreshold

Remotable

True

Accessibility

Public

Alert Message

Alert dotyczący rozmiaru bloku NTLMEvent bazy danych

Wystąpienie {0}
Obiekt {1}
Licznik {2}
Ma wartość {3}
O godzinie {4}

RunAs

Default

Source Code:

<UnitMonitor ID="Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth" Accessibility="Public" Enabled="true" Target="Microsoft.AdvancedThreatAnalytics.1_8.Center" ParentMonitorID="Health!System.Health.PerformanceState" Remotable="true" Priority="Normal" TypeID="Perf!System.Performance.ConsecutiveSamplesThreshold" ConfirmDelivery="false"> <Category>PerformanceHealth</Category> <AlertSettings AlertMessage="Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize.PerformanceHealth.Alert"> <AlertOnState>Warning</AlertOnState> <AutoResolve>true</AutoResolve> <AlertPriority>Normal</AlertPriority> <AlertSeverity>Warning</AlertSeverity> <AlertParameters> <AlertParameter1>$Data[Default='']/Context/InstanceName$</AlertParameter1> <AlertParameter2>$Data[Default='']/Context/ObjectName$</AlertParameter2> <AlertParameter3>$Data[Default='']/Context/CounterName$</AlertParameter3> <AlertParameter4>$Data[Default='']/Context/SampleValue$</AlertParameter4> <AlertParameter5>$Data[Default='']/Context/TimeSampled$</AlertParameter5> </AlertParameters> </AlertSettings> <OperationalStates> <OperationalState ID="ConditionFalse" MonitorTypeStateID="ConditionFalse" HealthState="Success"/> <OperationalState ID="ConditionTrue" MonitorTypeStateID="ConditionTrue" HealthState="Warning"/> </OperationalStates> <Configuration> <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <CounterName>Database NTLMEvent Block Size</CounterName> <ObjectName>Microsoft ATA Center</ObjectName> <InstanceName>nt authority\system\microsoft.tri.center</InstanceName> <AllInstances>false</AllInstances> <Frequency>60</Frequency> <Threshold>50000</Threshold> <Direction>greater</Direction> <NumSamples>1</NumSamples> </Configuration> </UnitMonitor>