Configuring alert definitions

Following Setup, a number of predefined alerts are configured. Each alert has a related Forefront TMG event. When the event occurs, the alert is triggered. You can enable or disable alerts, modify the event trigger for the alert, and modify the action to be performed when the alert is triggered.

You may want to define additional custom alerts. Preconfigured alerts exist for all events, but you may want to create a custom alert definition with a new condition. For example, the predefined alert Log Failure is triggered with the condition Any Forefront TMG Service. The action for the alert is to report the issue to the Windows event log and stop selected services. In addition to this alert, you may want to create another custom alert for the Log Failure event that sends an email if logging fails for the Firewall service.

Modifying alert definitions

You modify predefined and custom alert definitions as follows:

  1. In the Forefront TMG console tree, click** Monitoring**.
  2. In the details pane, click the Alerts tab.
  3. On the Tasks pane, click Configure Alert Definitions.
  4. In the Alert Definitions list, select the alert you want to modify, and then click Edit.
  5. On the General tab, modify the name, category, and severity of the alert.
  6. On the Events tab, specify how many times the event occurs before the alert is issued and how the alert should be issued once that number is reached. You can specify how many times in total the event should occur before the alert is issued, or how many times the event occurs per second. If you specify both values, both limits must be reached before the alert is issued.
  7. On the Actions tab, specify the action that occurs when the alert is issued. By default, alerts are always reported to the Windows event log.

To delete an alert definition from the list, select the alert in the Alert Definitions list, and then click Remove.

Creating custom alert definitions

You create custom alert definitions using the New Alert Configuration Wizard, as follows:

  1. In the Forefront TMG console tree, click** Monitoring**.
  2. In the details pane, click the Alerts tab.
  3. On the Tasks pane, click Configure Alert Definitions.
  4. In the Alert Definitions list, click Add.
  5. Complete the New Alert Configuration Wizard. Note the following:
    1. On the Event and Conditions page, select the event that triggers the alert and any additional conditions.
    2. On the Server page, leave the default Any server setting.
    3. On the Category and Severity page, classify the alert.
    4. On the Actions page, specify the actions to be completed when the alert is triggered.