How to configure logging in Internet Security and Acceleration Server or in Microsoft Forefront Threat Management Gateway, Medium Business Edition

Article translations Article translations
Article ID: 302372 - View products that this article applies to.
This article was previously published under Q302372
Expand all | Collapse all

On This Page

SUMMARY

This article describes how to configure logging for Internet Security and Acceleration (ISA) Server. ISA Server provides an extensible, multiple-layer enterprise firewall and a scalable, high-performance Web cache server.

To configure logging for ISA Server in ISA Server 2000

There are eight procedures that you can perform to configure logging for ISA Server.

To Configure Logging to a Database

  1. In the console tree of ISA Management, click Internet Security and Acceleration Server, click Servers and Arrays, click the name of the server or array, click Monitoring Configuration, and then click Logs.
  2. In the details pane, right-click the applicable service, and then click Properties.
  3. On the Log tab, click Database.
  4. Confirm or modify the following parameters:
    • ODBC data source (DSN)
    • Table name
    • User account

To Configure Logging to a File

  1. In the console tree of ISA Management, click Logs.
  2. In the details pane, right-click the applicable service, and then click Properties.
  3. On the Log tab, click File.
  4. In Format, click the log format.
  5. In Create new file, click a time period that specifies how often a new log file is created.

To Compress Log Files

  1. In the console tree of ISA Management, click Logs.
  2. In the details pane, right-click the applicable service, and then click Properties.
  3. On the Log tab, click File.
  4. Click Options.
  5. Click to select the Compress log files check box.

To Set the Maximum Number of Log Files

  1. In the console tree of ISA Management, click Logs.
  2. In the details pane, right-click the applicable service, and then click Properties.
  3. On the Log tab, click File.
  4. Click Options.
  5. Click to select the Limit number of log files check box, and then enter the maximum number of log files that you want to keep for the array.

To Enable Logging for a Specific Service

  1. In the console tree of ISA Management, click Logs.
  2. In the details pane, right-click the applicable service, and then click Properties.
  3. On the Log tab, click to select the Enable logging for this service check box.

To Specify Fields to a Log

  1. In the console tree of ISA Management, click Logs.
  2. In the details pane, right-click the applicable service, and then click Properties.
  3. On the Fields tab, perform one of the following tasks:
    • To select specific fields, click to select the appropriate check box.
    • To click to clear all of the check boxes in the field list, click Clear All.
    • To click to select all of the check boxes in the field list, click Select All.
    • To select a default set of fields in the ISA Server log file, click Restore Defaults.

To Log Allowed Packets

  1. In the console tree of ISA Management, click Internet Security and Acceleration Server, click Name, click Access Policy, right-click IP Packet Filters, and then click Properties.
  2. On the Packet Filters tab, click to select the Log packets from 'Allow' filters check box.

To Log Blocked Packets

  1. In the console tree of ISA Management, click IP Packet Filters.
  2. On the View menu, confirm that "Advanced" has a check mark symbol next to it.
  3. In the details pane, right-click the block-mode Internet Protocol (IP) packet filter that you want to modify, and then click Properties.
  4. On the General tab, click to select the Log any packets matching this filter check box.

For ISA Server 2004

For more information about logging in ISA Server 2004, click the following article number to view the article in the Microsoft Knowledge Base:
838241 How to configure logging in ISA Server 2004

For ISA Server 2006

For more information about how to set up logging in ISA Server 2006, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/library/bb794817.aspx

For Microsoft Forefront Threat Management Gateway, Medium Business Edition

For more information about logging in Forefront Threat Management Gateway, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/library/bb794937.aspx

Properties

Article ID: 302372 - Last Review: January 15, 2006 - Revision: 1.3
APPLIES TO
  • Microsoft Internet Security and Acceleration Server 2000 Standard Edition
  • Windows Essential Business Server 2008 Standard
  • Microsoft Forefront Threat Management Gateway, Medium Business Edition
Keywords: 
kbhowtomaster KB302372

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com