The Microsoft Firewall service failed to log information to the MSDE database - Microsoft.ISAServer.2006.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE

Microsoft.ISAServer.2006.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE_Database.Rule (Rule)

This Rule generates alerts when The Microsoft Firewall service failed to log information to the MSDE database

Knowledge Base article:

Summary

The Microsoft Firewall service failed to start.

Causes

The service failed to start because the data in the storage is corrupt. This may be due to incorrect configuration of either the registry or the Configuration Storage server.

Resolutions

Review other alerts to determine the cause of the problem.
If a backup exists, use the ISA Server Restore option to restore the backed-up configuration. For details about restoring an ISA Server configuration, see ISA Server Help.
If you are unable to restore the configuration, or doing so does not solve the problem, then uninstall and subsequently reinstall ISA Server. When you uninstall, all the configuration information is discarded. Do not reinstall ISA Server without first uninstalling.

Element properties:

Target	Microsoft.ISAServer.2006.Logging.Advanced
Category	EventCollection
Enabled	True
Alert Generate	False
Remotable	True

Member Modules:

ID	Module Type	TypeId	RunAs
DS	DataSource	Microsoft.ISAServer.2006.Rule.AlertGenerate.DS	Default
WA	WriteAction	Microsoft.ISAServer.2006.Rule.AlertGenerate.WA	Default

Module Type

TypeId

RunAs

DataSource

Microsoft.ISAServer.2006.Rule.AlertGenerate.DS

Default

WriteAction

Microsoft.ISAServer.2006.Rule.AlertGenerate.WA

Default

Source Code:

<Rule ID="Microsoft.ISAServer.2006.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE_Database.Rule" Enabled="onEssentialMonitoring" Target="Microsoft.ISAServer.2006.Logging.Advanced" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100"> <Category>EventCollection</Category> <DataSources> <DataSource ID="DS" TypeID="Microsoft.ISAServer.2006.Rule.AlertGenerate.DS"> <ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <LogName>Application</LogName> <EventsPattern>^(8)$</EventsPattern> <EventType>1</EventType> <SourcePattern>Microsoft Firewall</SourcePattern> </DataSource> </DataSources> <WriteActions> <WriteAction ID="WA" TypeID="Microsoft.ISAServer.2006.Rule.AlertGenerate.WA"> <AlertMessageId>$MPElement[Name="Microsoft.ISAServer.2006.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE_Database.AlertMessage"]$</AlertMessageId> <DomainName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DomainDnsName$</DomainName> <Priority>2</Priority> <Severity>2</Severity> </WriteAction> </WriteActions> </Rule>