This Rule generates alerts when The Microsoft Firewall service failed to log information to the MSDE database
The Firewall Service generates this alert when a logging record cannot be added to the MSDE database. The first parameter of the alert contains the name of the logging component (Firewall or Web Proxy). The second parameter of the alert contains the error description received from MSDE.
A log record cannot be added to the MSDE database for one of the following reasons:
The service does not have appropriate permission.
Low resources on the computer.
MSDE service (MSSQL$MSFW) is not started.
There is no space on the disk drive.
Close other programs that are running. Use the Task Manager to check programs and processes using large amounts of system resources.
Start the MSDE service. In TMG Server Management, click Monitoring. On the Services tab, right-click the MSDE service and then click Start.
Delete unnecessary files from the logging disk drive.
Verify that you have assigned appropriate permissions for the TMG Server services.
For more information about TMG Server logs, refer to the "Logs" topic in the TMG Server on-line help.
| Target | Microsoft.Forefront.TMG.Logging.SQLServerExpressDatabase |
| Category | EventCollection |
| Enabled | True |
| Alert Generate | False |
| Remotable | True |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| DS | DataSource | Microsoft.Forefront.TMG.Rule.AlertGenerate.DS | Default |
| WA | WriteAction | Microsoft.Forefront.TMG.Rule.AlertGenerate.WA | Default |
Home
ENU <Rule ID="Microsoft.Forefront.TMG.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE_Database.Rule" Enabled="true" Target="Microsoft.Forefront.TMG.Logging.SQLServerExpressDatabase" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="DS" TypeID="Microsoft.Forefront.TMG.Rule.AlertGenerate.DS">
<ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<EventsPattern>^(8)$</EventsPattern>
<EventType>1</EventType>
<SourcePattern>Microsoft Forefront TMG Firewall</SourcePattern>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="WA" TypeID="Microsoft.Forefront.TMG.Rule.AlertGenerate.WA">
<AlertMessageId>$MPElement[Name="Microsoft.Forefront.TMG.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE_Database.AlertMessage"]$</AlertMessageId>
<DomainName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DomainDnsName$</DomainName>
<Priority>2</Priority>
<Severity>2</Severity>
</WriteAction>
</WriteActions>
</Rule>