TransportEnginesInitialized - TransportEnginesInitialized_4

TransportEnginesInitialized_4_Rule (Rule)

Knowledge Base article:

Resumen

Este evento comprueba si los motores seleccionados para la detección se han inicializado cuando se habilita el trabajo de detección en transporte. De lo contrario, se generará un evento de error.

Causas

La causa del evento de error puede ser que la subcarpeta del motor se haya eliminado.

Soluciones

Asegúrese de que el proxy HTTP esté configurado correctamente.
Asegúrese de que no haya problemas de red.
Asegúrese de que las opciones de configuración UNC sean apropiadas.

Element properties:

Target

FSMPack2007_FSE.Forefront_Security_for_Exchange_Server___Hub_Transport_Installation

Category

EventCollection

Enabled

True

Event_ID

7009

Event Source

Microsoft Forefront Security

Alert Generate

True

Alert Severity

Error

Alert Priority

Normal

Remotable

True

Alert Message

TransportEnginesInitialized

Event Log

Application

Comment

Mom2005ID='{5346CFF9-75F4-41F8-B9B9-E7709E24255C}';MOM2005ComputerGroupID={F1A85322-5BE3-4AC2-8E2C-34F448DA8BE0}

Member Modules:

ID	Module Type	TypeId	RunAs
_F6DA1507_12AF_11D3_AB21_00A0C98620CE_	DataSource	Microsoft.Windows.EventProvider	Default
GenerateAlert	WriteAction	System.Health.GenerateAlert	Default

Source Code:

<Rule ID="TransportEnginesInitialized_4_Rule" Comment="Mom2005ID='{5346CFF9-75F4-41F8-B9B9-E7709E24255C}';MOM2005ComputerGroupID={F1A85322-5BE3-4AC2-8E2C-34F448DA8BE0}" Enabled="true" Target="FSMPack2007_FSE.Forefront_Security_for_Exchange_Server___Hub_Transport_Installation" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100"> <Category>EventCollection</Category> <DataSources> <DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" TypeID="WindowsLibrary!Microsoft.Windows.EventProvider"> <ComputerName>$Target/Host/Property[Type="WindowsLibrary!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <LogName>Application</LogName> <Expression> <And> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="Integer">EventDisplayNumber</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value>7009</Value> </ValueExpression> </SimpleExpression> </Expression> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="String">PublisherName</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value>Microsoft Forefront Security</Value> </ValueExpression> </SimpleExpression> </Expression> </And> </Expression> </DataSource> </DataSources> <WriteActions> <WriteAction ID="GenerateAlert" TypeID="HealthLibrary!System.Health.GenerateAlert"> <Priority>1</Priority> <Severity>2</Severity> <AlertName/> <AlertDescription/> <AlertOwner/> <AlertMessageId>$MPElement[Name="TransportEnginesInitialized_4_Rule.AlertMessage"]$</AlertMessageId> <AlertParameters/> <Suppression/> <Custom1>Microsoft Forefront Server Security</Custom1> <Custom2>Forefront Security for Exchange Server</Custom2> <Custom3>ScanJobFailure</Custom3> <Custom4/> <Custom5/> <Custom6/> <Custom7/> <Custom8/> <Custom9/> <Custom10/> </WriteAction> </WriteActions> </Rule>