EntityResolver Activity Block Size - Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize.PerformanceHealth (UnitMonitor)

Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize.PerformanceHealth (UnitMonitor)

Performance Monitor for the Microsoft ATA 1.8 Gateway EntityResolver Activity Block Size

Knowledge Base article:

Summary

The amount of Network Activities (NAs) queued for resolution.

Should be less than the maximum-1 (default maximum: 10000)

Element properties:

Target

Microsoft.AdvancedThreatAnalytics.1_8.Gateway

Parent Monitor

System.Health.PerformanceState

Category

PerformanceHealth

Enabled

True

Instance Name

Microsoft ATA Gateway

Counter Name

EntityResolver Activity Block Size

Frequency

Alert Generate

True

Alert Severity

Warning

Alert Priority

Normal

Alert Auto Resolve

True

Monitor Type

System.Performance.ConsecutiveSamplesThreshold

Remotable

True

Accessibility

Public

Alert Message

EntityResolver Activity Block Size Alert

Instance {0}
Object {1}
Counter {2}
Has a value {3}
At time {4}

RunAs

Default

Source Code:

<UnitMonitor ID="Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize.PerformanceHealth" Accessibility="Public" Enabled="true" Target="Microsoft.AdvancedThreatAnalytics.1_8.Gateway" ParentMonitorID="Health!System.Health.PerformanceState" Remotable="true" Priority="Normal" TypeID="Perf!System.Performance.ConsecutiveSamplesThreshold" ConfirmDelivery="false"> <Category>PerformanceHealth</Category> <AlertSettings AlertMessage="Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize.PerformanceHealth.Alert"> <AlertOnState>Warning</AlertOnState> <AutoResolve>true</AutoResolve> <AlertPriority>Normal</AlertPriority> <AlertSeverity>Warning</AlertSeverity> <AlertParameters> <AlertParameter1>$Data[Default='']/Context/InstanceName$</AlertParameter1> <AlertParameter2>$Data[Default='']/Context/ObjectName$</AlertParameter2> <AlertParameter3>$Data[Default='']/Context/CounterName$</AlertParameter3> <AlertParameter4>$Data[Default='']/Context/SampleValue$</AlertParameter4> <AlertParameter5>$Data[Default='']/Context/TimeSampled$</AlertParameter5> </AlertParameters> </AlertSettings> <OperationalStates> <OperationalState ID="ConditionFalse" MonitorTypeStateID="ConditionFalse" HealthState="Success"/> <OperationalState ID="ConditionTrue" MonitorTypeStateID="ConditionTrue" HealthState="Warning"/> </OperationalStates> <Configuration> <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <CounterName>EntityResolver Activity Block Size</CounterName> <ObjectName>Microsoft ATA Gateway</ObjectName> <InstanceName>nt authority\system\microsoft.tri.gateway</InstanceName> <AllInstances>false</AllInstances> <Frequency>60</Frequency> <Threshold>10000</Threshold> <Direction>greater</Direction> <NumSamples>1</NumSamples> </Configuration> </UnitMonitor>