Home
  •  

ScanRealtimeEngineMapE

ScanRealtimeEngineMapE_5_Rule (Rule)

Knowledge Base article:

Résumé

Le travail d'analyse en temps réel a généré une erreur lors du chargement du moteur de filtre de Forefront Server Security.

Causes

Le moteur de filtre de Forefront Server Security est endommagé ou inaccessible.

Résolution

Réinstallez Forefront Server Security.

Element properties:

TargetFSMPack2007_FSE.Forefront_Security_for_Exchange_Server___Mailbox__Public_Folder_Installation
CategoryEventCollection
EnabledTrue
Event_ID5030
Event SourceFSCRealtimeScanner
Alert GenerateTrue
Alert SeverityError
Alert PriorityNormal
RemotableTrue
Alert Message
ScanRealtimeEngineMapE_
Event LogApplication
CommentMom2005ID='{CF3226BE-E6BA-4CFA-A7A4-D2616CAC0B19}';MOM2005ComputerGroupID={FDF940D4-932E-42EF-9BE3-0613D4273C8D}

Member Modules:

ID Module Type TypeId RunAs 
_F6DA1507_12AF_11D3_AB21_00A0C98620CE_ DataSource Microsoft.Windows.EventProvider Default
GenerateAlert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="ScanRealtimeEngineMapE_5_Rule" Comment="Mom2005ID='{CF3226BE-E6BA-4CFA-A7A4-D2616CAC0B19}';MOM2005ComputerGroupID={FDF940D4-932E-42EF-9BE3-0613D4273C8D}" Enabled="true" Target="FSMPack2007_FSE.Forefront_Security_for_Exchange_Server___Mailbox__Public_Folder_Installation" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>EventCollection</Category>

  <DataSources>

    <DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" TypeID="WindowsLibrary!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Property[Type="WindowsLibrary!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>Application</LogName>

      <Expression>

        <And>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="Integer">EventDisplayNumber</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value>5030</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="String">PublisherName</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value>FSCRealtimeScanner</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

        </And>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="GenerateAlert" TypeID="HealthLibrary!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>2</Severity>

      <AlertName/>

      <AlertDescription/>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="ScanRealtimeEngineMapE_5_Rule.AlertMessage"]$</AlertMessageId>

      <AlertParameters/>

      <Suppression/>

      <Custom1>Microsoft Forefront Server Security</Custom1>

      <Custom2>Forefront Security for Exchange Server</Custom2>

      <Custom3>ScanJobFailure</Custom3>

      <Custom4/>

      <Custom5/>

      <Custom6/>

      <Custom7/>

      <Custom8/>

      <Custom9/>

      <Custom10/>

    </WriteAction>

  </WriteActions>

</Rule>