Monitoring alerts

You can monitor triggered alerts on the Alerts tab. This topic explains how to analyze alerts that appear in the tab. For information about configuring alerts, see Configuring alert definitions.

Where to start: To monitor alerts, in the Forefront TMG Management console tree, click the Monitoring node. Then click the Alerts tab.

In the details pane click to expand an alert group, and then select the triggered alert. The following information is displayed for each alert:

  • Alert name. The name of the alert definition. For a complete list, see Alert definitions.
  • Latest. The date and time that the alert was issued.
  • Status. The alert status shows whether the alert has been acknowledged. Events that are not acknowledged have a status of "New".
  • Category. Specifies whether the alert was issued by the Firewall service.
  • Server. Specify the Forefront TMG server that issued the alert.
  • Severity. Specifies whether the alert indicates an error, warning, or information.

Information about each alert can also be viewed in the Windows Event Viewer.

You can manage alerts as follows:

  1. By default the alerts pane is automatically updated at regular intervals. To change the setting, select a value in Automatic Refresh Rate on the Tasks tab.
  2. To force a manual refresh of alerts appearing on the page, click Refresh Now on the Tasks tab.
  3. To reset an alert, select the alert in the details pane, and then click Reset Selected Alerts. This effectively removes it from the Alerts tab.
  4. To acknowledge an alert, select the alert in the details pane, and then click Acknowledge Selected Alerts on the Tasks tab. This indicates that you are handling a specific alert, or group of alerts. Status of those alerts is changed to "Acknowledged", and those alerts are no longer displayed on the Dashboard tab.
When the Microsoft Forefront TMG Control service is restarted or the Forefront TMG computer restarts, all alerts are automatically reset.