This article describes how to configure logging for Internet Security and Acceleration (ISA) Server. ISA Server provides an extensible, multiple-layer enterprise firewall and a scalable, high-performance Web cache server.
To configure logging for ISA Server in ISA Server 2000
There are eight procedures that you can perform to configure logging for ISA Server.
To Configure Logging to a Database
- In the console tree of ISA Management, click Internet Security and Acceleration Server, click Servers and Arrays, click the name of the server or array, click Monitoring Configuration, and then click Logs.
- In the details pane, right-click the applicable service, and then click Properties.
- On the Log tab, click Database.
- Confirm or modify the following parameters:
- ODBC data source (DSN)
- Table name
- User account
To Configure Logging to a File
- In the console tree of ISA Management, click Logs.
- In the details pane, right-click the applicable service, and then click Properties.
- On the Log tab, click File.
- In Format, click the log format.
- In Create new file, click a time period that specifies how often a new log file is created.
To Compress Log Files
- In the console tree of ISA Management, click Logs.
- In the details pane, right-click the applicable service, and then click Properties.
- On the Log tab, click File.
- Click Options.
- Click to select the Compress log files check box.
To Set the Maximum Number of Log Files
- In the console tree of ISA Management, click Logs.
- In the details pane, right-click the applicable service, and then click Properties.
- On the Log tab, click File.
- Click Options.
- Click to select the Limit number of log files check box, and then enter the maximum number of log files that you want to keep for the array.
To Enable Logging for a Specific Service
- In the console tree of ISA Management, click Logs.
- In the details pane, right-click the applicable service, and then click Properties.
- On the Log tab, click to select the Enable logging for this service check box.
To Specify Fields to a Log
- In the console tree of ISA Management, click Logs.
- In the details pane, right-click the applicable service, and then click Properties.
- On the Fields tab, perform one of the following tasks:
- To select specific fields, click to select the appropriate check box.
- To click to clear all of the check boxes in the field list, click Clear All.
- To click to select all of the check boxes in the field list, click Select All.
- To select a default set of fields in the ISA Server log file, click Restore Defaults.
To Log Allowed Packets
- In the console tree of ISA Management, click Internet Security and Acceleration Server, click Name, click Access Policy, right-click IP Packet Filters, and then click Properties.
- On the Packet Filters tab, click to select the Log packets from 'Allow' filters check box.
To Log Blocked Packets
- In the console tree of ISA Management, click IP Packet Filters.
- On the View menu, confirm that "Advanced" has a check mark symbol next to it.
- In the details pane, right-click the block-mode Internet Protocol (IP) packet filter that you want to modify, and then click Properties.
- On the General tab, click to select the Log any packets matching this filter check box.
For ISA Server 2004
For more information about logging in ISA Server 2004, click the following article number to view the article in the Microsoft Knowledge Base:
838241�
How to configure logging in ISA Server 2004
For ISA Server 2006
For more information about how to set up logging in ISA Server 2006, visit the following Microsoft Web site:
For Microsoft Forefront Threat Management Gateway, Medium Business Edition
For more information about logging in Forefront Threat Management Gateway, visit the following Microsoft Web site: