This Rule generates alerts when The Microsoft Firewall service failed to log information to the MSDE database
The Microsoft Firewall service failed to start.
The service failed to start because the data in the storage is corrupt. This may be due to incorrect configuration of either the registry or the Configuration Storage server.
Review other alerts to determine the cause of the problem.
If a backup exists, use the ISA Server Restore option to restore the backed-up configuration. For details about restoring an ISA Server configuration, see ISA Server Help.
If you are unable to restore the configuration, or doing so does not solve the problem, then uninstall and subsequently reinstall ISA Server. When you uninstall, all the configuration information is discarded. Do not reinstall ISA Server without first uninstalling.
Target | Microsoft.ISAServer.2006.Logging.Advanced |
Category | EventCollection |
Enabled | True |
Alert Generate | False |
Remotable | True |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.ISAServer.2006.Rule.AlertGenerate.DS | Default |
WA | WriteAction | Microsoft.ISAServer.2006.Rule.AlertGenerate.WA | Default |
<Rule ID="Microsoft.ISAServer.2006.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE_Database.Rule" Enabled="onEssentialMonitoring" Target="Microsoft.ISAServer.2006.Logging.Advanced" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="DS" TypeID="Microsoft.ISAServer.2006.Rule.AlertGenerate.DS">
<ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<EventsPattern>^(8)$</EventsPattern>
<EventType>1</EventType>
<SourcePattern>Microsoft Firewall</SourcePattern>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="WA" TypeID="Microsoft.ISAServer.2006.Rule.AlertGenerate.WA">
<AlertMessageId>$MPElement[Name="Microsoft.ISAServer.2006.The_Microsoft_Firewall_Service_failed_to_log_information_to_the_MSDE_Database.AlertMessage"]$</AlertMessageId>
<DomainName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DomainDnsName$</DomainName>
<Priority>2</Priority>
<Severity>2</Severity>
</WriteAction>
</WriteActions>
</Rule>