Views reference - Forefront Security for Exchange Server - FFSMP for SCOM 2007

Article
07/23/2014

The following tables provide a reference to each of the Forefront Security for Exchange views included in the Microsoft Forefront Server Security Management Pack for Operations Manager 2007. For more information about views, see Views - FFSMP for SCOM 2007.

Alert Views for Forefront Security - General

Folder	Microsoft Forefront Server Security
View Name	Alerts – Microsoft Forefront
Criteria	Resolution State != "Resolved" AND CustomField1 = "Microsoft Forefront Server Security" AND Computer Group = "All Computers in Management Pack"
Alert	Critical errors or warnings.
Description	Displays all alerts generated for agent-managed systems that are members of the "Microsoft Forefront Server Security" computer group.
Resolution	Investigate each alert.

Folder	Microsoft Forefront Server Security\Engines
View Name	Engine Update Failure
Criteria	Resolution State != "Resolved" AND CustomField1 = "Microsoft Forefront Server Security" AND CustomField3 = "EngineUpdateFailure" AND Computer Group = "All Computers in Management Pack"
Alert	Yellow warning – engine update warnings. Red error – critical engine update errors.
Description	Displays alerts about engine update failures.
Resolution	Investigate each alert.

Alert Views for Forefront for Exchange

Folder	Microsoft Forefront Server Security\Forefront for Exchange
View Name	Alerts – Forefront for Exchange
Criteria	Resolution State != "Resolved" AND CustomField1 = "Microsoft Forefront Server Security" AND Computer Group = "All Computers in Management Pack"
Alert	Critical errors or warnings
Description	Displays all alerts generated for agent-managed systems that are members of the "Forefront for Exchange" computer group.
Resolution	Investigate each alert.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Scan Job Failure
Criteria	Resolution State != "Resolved" AND CustomField1 = "Microsoft Forefront Server Security" AND CustomField2 = "Forefront Security for Exchange Server" AND CustomField3 = "ScanJobFailure"
Alert	Critical errors or warnings concerning scan jobs
Description	Alerts that indicate scan job failures.
Resolution	Investigate each alert.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Services
View Name	Service Failure
Criteria	Resolution State != "Resolved" AND CustomField1 = "Microsoft Forefront Server Security" AND CustomField2 = "Forefront Security for Exchange Server" AND CustomField3 = "ServicesFailure"
Alert	Critical errors or warnings concerning Forefront services or license state
Description	Alerts generated from events that indicate service failures.
Resolution	Investigate each alert.

State Views

Folder	Microsoft Forefront Server Security
View Name	State View
Criteria	State (if FSCController and FSCMonitor services are running, the state is green, otherwise the state is red)
Alert	See Health State Events
Description	Displays the health of all Forefront servers.
Resolution	See Health State Events

Event Views for Forefront Security - General

Parent Folder	Microsoft Forefront Server Security
View Name	Events – Microsoft Forefront
Criteria	Generated in the last 7 days AND Computer Group = "All Computers in Management Pack"
Description	Displays all events generated by agent-managed systems that are members of the "Microsoft Forefront Server Security" computer group.

Parent Folder	Microsoft Forefront Server Security\Engines
View Name	Engine Update Status
Criteria	Event ID = (2014 or 2016 or 6012 or 6014 or 9525 or 9897 or 9898) AND Generated in the last 7 days AND Computer Group = "All Computers in Management Pack"
Description	Displays all events that indicate a successfully-completed scan engine update on "Microsoft Forefront Server Security" systems.
Resolution	None required.

Event Views for Forefront for Exchange

Parent Folder	Microsoft Forefront Server Security\Forefront for Exchange
View Name	Events – Forefront for Exchange
Criteria	Generated in the last 7 days AND Computer Group = "All Computers in Management Pack"
Description	Displays all events generated from agent-managed systems in the "Forefront for Exchange"" computer group.

Parent Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Scan Job Status
Criteria	Event ID = (2000 or 2001 or 2002 or 2005 or 2007 or 2008) AND Generated in the last 7 days AND Computer Group = "All Computers in Management Pack"
Description	Displays all events that indicate Scan Jobs going into an enabled or disabled state on "Forefront for Exchange" systems.
Resolution	None required.

Parent Folder	Microsoft Forefront Server Security\Forefront for Exchange\Services
View Name	Services Status
Criteria	Event ID = (332 or 333 or 1002 or 1003 or 1005 or 1006 or 1007 or 1008 or 7036) AND Generated in the last 7 days AND Computer Group = "All Computers in Management Pack"
Description	Displays events that indicate Forefront Security and related services started or stopped successfully on "Forefront for Exchange" systems.
Resolution	None required.

Performance Views for Forefront for Exchange

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Attachment Scan Rate
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Attachments Scanned Rate"
Description	Attachment scan rate for the Realtime scanner.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Attachments Cleaned
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Attachments Cleaned"
Description	Total number of attachments cleaned by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Attachments Detected
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Attachments Detected"
Description	Total number of attachments detected by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Attachments Removed
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Attachments Removed"
Description	Total number of attachments removed by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Attachments Scanned
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Attachments Scanned"
Description	Total number of attachments scanned by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Messages Detected
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Messages Detected"
Description	Total number of messages detected by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Messages Purged
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Messages Purged"
Description	Total number of messages purged by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Messages Scanned
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Messages Scanned"
Description	Total number of messages scanned by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Realtime Messages Tagged
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Realtime Scan Job" Counter name = "Total Messages Tagged"
Description	Total number of messages tagged by the Realtime Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Attachment Scan Rate
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Attachments Scanned Rate"
Description	Attachment scan rate for the Transport scanner.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Attachments Cleaned
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Attachments Cleaned"
Description	Total number of attachments cleaned by the Transport Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Attachments Detected
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Attachments Detected"
Description	Total number of attachments detected by the Transport Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Attachments Removed
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Attachments Removed"
Description	Total number of attachments removed by the Transport Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Attachments Scanned
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Attachments Scanned"
Description	Total number of attachments scanned by the Transport Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Messages Detected
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Messages Detected"
Description	Total number of messages detected by the Transport Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Messages Purged
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Messages Purged"
Description	Total number of messages purged by the Transport Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Messages Scanned
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Messages Scanned"
Description	Total number of messages scanned by the Transport Scan.
Resolution	None required.

Folder	Microsoft Forefront Server Security\Forefront for Exchange\Scan Jobs
View Name	Transport Messages Tagged
Criteria	Computer Group = "All Computers in Management Pack" Object name = "Microsoft Forefront Server Security Scan" Instance = "Transport Scan Job" Counter name = "Total Messages Tagged"
Description	Total number of messages tagged by the Transport Scan.
Resolution	None required.