Home
  •  

WefEventActivityTranslator String Block Size

Microsoft.AdvancedThreatAnalytics.1_9.Gateway.WefEventActivityTranslatorStringBlockSize.PerformanceHealth (UnitMonitor)

Performance Monitor for the Microsoft ATA 1.9 Gateway WefEventActivityTranslator String Block Size

Knowledge Base article:

Summary

The amount of traffic being dropped by the ATA Gateway every second.

Should be zero all of the time (rare short burst of drops are acceptable)

Element properties:

TargetMicrosoft.AdvancedThreatAnalytics.1_9.Gateway
Parent MonitorSystem.Health.PerformanceState
CategoryPerformanceHealth
EnabledTrue
Instance NameMicrosoft ATA Gateway
Counter NameWefEventActivityTranslator String Block Size
Frequency60
Alert GenerateTrue
Alert SeverityWarning
Alert PriorityNormal
Alert Auto ResolveTrue
Monitor TypeSystem.Performance.ConsecutiveSamplesThreshold
RemotableTrue
AccessibilityPublic
Alert Message
WefEventActivityTranslator String Block Size Alert

Instance {0}
Object {1}
Counter {2}
Has a value {3}
At time {4}
RunAsDefault

Source Code:

<UnitMonitor ID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.WefEventActivityTranslatorStringBlockSize.PerformanceHealth" Accessibility="Public" Enabled="true" Target="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" ParentMonitorID="Health!System.Health.PerformanceState" Remotable="true" Priority="Normal" TypeID="Perf!System.Performance.ConsecutiveSamplesThreshold" ConfirmDelivery="false">

  <Category>PerformanceHealth</Category>

  <AlertSettings AlertMessage="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.WefEventActivityTranslatorStringBlockSize.PerformanceHealth.Alert">

    <AlertOnState>Warning</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>Warning</AlertSeverity>

    <AlertParameters>

      <AlertParameter1>$Data[Default='']/Context/InstanceName$</AlertParameter1>

      <AlertParameter2>$Data[Default='']/Context/ObjectName$</AlertParameter2>

      <AlertParameter3>$Data[Default='']/Context/CounterName$</AlertParameter3>

      <AlertParameter4>$Data[Default='']/Context/SampleValue$</AlertParameter4>

      <AlertParameter5>$Data[Default='']/Context/TimeSampled$</AlertParameter5>

    </AlertParameters>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="ConditionFalse" MonitorTypeStateID="ConditionFalse" HealthState="Success"/>

    <OperationalState ID="ConditionTrue" MonitorTypeStateID="ConditionTrue" HealthState="Warning"/>

  </OperationalStates>

  <Configuration>

    <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

    <CounterName>WefEventActivityTranslator String Block Size</CounterName>

    <ObjectName>Microsoft ATA Gateway</ObjectName>

    <InstanceName>nt authority\system\microsoft.tri.gateway</InstanceName>

    <AllInstances>false</AllInstances>

    <Frequency>60</Frequency>

    <Threshold>50000</Threshold>

    <Direction>greater</Direction>

    <NumSamples>1</NumSamples>

  </Configuration>

</UnitMonitor>