Il processo di analisi in tempo reale ha superato il limite di tempo consentito per una determinata attività di analisi. Un'azione di timeout determina il ricaricamento del processo di analisi in tempo reale.
1. File particolarmente grandi o con un elevato rapporto di compressione che richiedono un'attività di analisi molto prolungata.
2. File che fanno bloccare un determinato motore di analisi durante l'esecuzione dell'analisi.
Il ripristino da questa situazione è automatico. Se tuttavia questo tipo di evento si verifica frequentemente, è consigliabile contattare il supporto tecnico Microsoft.
| Target | FSMPack2007_FSE.Forefront_Security_for_Exchange_Server___Mailbox__Public_Folder_Installation | ||
| Category | EventCollection | ||
| Enabled | True | ||
| Event_ID | 5066 | ||
| Event Source | FSCController | ||
| Alert Generate | True | ||
| Alert Severity | Warning | ||
| Alert Priority | Normal | ||
| Remotable | True | ||
| Alert Message |
| ||
| Event Log | Application | ||
| Comment | Mom2005ID='{4C130004-F24C-4C80-938E-488A44C6DB28}';MOM2005ComputerGroupID={FDF940D4-932E-42EF-9BE3-0613D4273C8D} |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| _F6DA1507_12AF_11D3_AB21_00A0C98620CE_ | DataSource | Microsoft.Windows.EventProvider | Default |
| GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
Home
ITA <Rule ID="ScanRealtimeTimeoutE_5_Rule" Comment="Mom2005ID='{4C130004-F24C-4C80-938E-488A44C6DB28}';MOM2005ComputerGroupID={FDF940D4-932E-42EF-9BE3-0613D4273C8D}" Enabled="true" Target="FSMPack2007_FSE.Forefront_Security_for_Exchange_Server___Mailbox__Public_Folder_Installation" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" TypeID="WindowsLibrary!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="WindowsLibrary!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="Integer">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>5066</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>FSCController</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="HealthLibrary!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>1</Severity>
<AlertName/>
<AlertDescription/>
<AlertOwner/>
<AlertMessageId>$MPElement[Name="ScanRealtimeTimeoutE_5_Rule.AlertMessage"]$</AlertMessageId>
<AlertParameters/>
<Suppression/>
<Custom1>Microsoft Forefront Server Security</Custom1>
<Custom2>Forefront Security for Exchange Server</Custom2>
<Custom3>ScanJobFailure</Custom3>
<Custom4/>
<Custom5/>
<Custom6/>
<Custom7/>
<Custom8/>
<Custom9/>
<Custom10/>
</WriteAction>
</WriteActions>
</Rule>