Monitoring alerts

  • Article

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

You can monitor triggered alerts on the Alerts tab. This topic explains how to analyze alerts that appear in the tab. For information about configuring alerts, see Configuring alert definitions.

Note

When the Microsoft Forefront TMG Control service is restarted or the Forefront TMG computer restarts, all alerts are automatically reset.

Viewing alerts

To view alerts

  1. In the Forefront TMG Management console tree, click the Monitoring node. Then click the Alerts tab.

  2. In the details pane, click to expand an alert group, and then select the triggered alert. The following information is displayed for each alert:

    • Alert name—The name of the alert definition.

    • Latest—The date and time that the alert was issued.

    • Status—The alert status shows whether the alert has been acknowledged. Events that are not acknowledged have a status of "New".

    • Category—Specifies whether the alert was issued by the Firewall service.

    • Server—Specifies the Forefront TMG server that issued the alert.

    Note

    Information about each alert can also be viewed in the Windows Event Viewer.

Managing alerts

To manage alerts

  1. In the Forefront TMG Management console tree, click the Monitoring node. Then click the Alerts tab.

  2. You can manage alerts as follows:

    • By default, the alerts pane is automatically updated at regular intervals. To change the setting, on the Tasks tab, select a value in Automatic Refresh Rate.

    • To force a manual refresh of alerts appearing on the page, click Refresh Now on the Tasks tab.

    • To reset an alert, select the alert in the details pane, and then click Reset Selected Alerts. This removes it from the Alerts tab.

    • To acknowledge an alert, select the alert in the details pane, and then, on the Tasks tab, click Acknowledge Selected Alerts. This indicates that you are handling a specific alert, or group of alerts. The status of these alerts is changed to "Acknowledged", and the alerts are no longer displayed on the Dashboard tab.

    • To edit or add a new alert, on the Tasks tab, click Configure Alert Definitions. For instructions on how to define or modify alerts, see Configuring alert definitions.

Concepts

Monitoring activity from the dashboard
Planning for monitoring and logging