First I apologize if this was already posted, forum search and google did not bring any results, but I thought this could be helpful for others.
The alert function is useful for sending an email when a connectivity verifier fails, you can also start a program which does something. However, these settings apply if ANY of your connectivity verifier reports a problem. But what if you need specific actions for connection verifier a and others for verifier b?
The following steps use the new Task scheduler in W2K8 to solve this problem.
- Open Server Manager - In the left pane expand "Configuration" and choose "Task Scheduler" - In the Actions pane click "Create Task..." - Choose a name for this task, add a description if you want to - Make sure, a user with needed rights for your actions is set and activate "Run whether user is logged on or not" in the radio box. For actions which need administrative privileges, you can choose "Run with highest privileges" - Go on to the next register card "Triggers" and create a new trigger. - Choose Begin the task "On an event" - In the settings check "Custom" and click "New Event Filter" - In the Filter tab you activate the checkbox "Error" - Choose "By source" and right of it select "Microsoft Forefront TMG Firewall" in the pull down menu - Replace "<All Event IDs> with EventID for errors in connectivity verifiers: 21137 - Leave Task category blank - In keywords you choose "Classic"
Now the filter is set to activate on errors with any connectivity verifiers. If you take a deeper look in the Event viewer, you can see the name of the verifier under "Details" and selecting "XML View".
Next step is to set the filter to include the name which is stored in the first Data field under <EventData>:
In the Event Filter you now go to register card "XML", you will find the query we have generated so far. In the "<Select Path=" add " and *[EventData[Data[1]='NAME OF VERIFIER']] at the end. Assuming your connectifity verifier is called "test", the query should look like this:
<QueryList> <Query Id="0" Path="Application"> <Select Path="Application">*[System[Provider[@Name='Microsoft Forefront TMG Firewall'] and (Level=2) and (band(Keywords,36028797018963968)) and (EventID=21137)]] and *[EventData[Data[1]='test']] </Select> </Query> </QueryList>
In the future, you can also paste this query directly instead of using the "Filter" register card.
- Click OK and the correct trigger is now generated.
From that point on you can start programs/scripts you need in the "Actions" tab. Changing DNS-entries, web chaining rules, be creative!
If the connectivity verifier reports a reestablished connection, you can also create a task for this by changing in the filter "Information" instead of "Error" and EvendID 31310 instead of 21137.
< Message edited by shortman -- 15.Sep.2010 10:28:20 AM >
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> HOW TO: Set individual actions for connectivity verifiers 
HOW TO: Set individual actions for connectivity verifiers - 
RE: HOW TO: Set individual actions for connectivity ver... - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread