To log requests matching a rule

1. In the console tree of ISA Server Management:
   • For ISA Server 2006 Enterprise Edition, for enterprise-level requests, expand Microsoft Internet Security and Acceleration Server 2006, expand Enterprise, expand Enterprise Policies, and then click Enterprise_Policy.
   • For ISA Server 2006 Enterprise Edition, for array-level requests, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.
   • For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.
2. In the details pane, click the rule for which logging should be enabled.
3. On the Tasks tab, click Edit Selected Rule.
4. On the Action tab, select the Log requests matching this rule check box.

Note

• To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.

Important

• If a large amount of data is being logged from a specific protocol or source, you can create a new rule, which applies to that type of traffic, for which requests are not logged. For example, suppose your policy does not allow DHCP requests, and as a result, there are many DHCP requests that are being denied. You can create a new access rule that denies DHCP requests, but does not log the requests.
• By disabling logging for a specific rule, you effectively reduce the load on the ISA Server computer if it is under attack. However, note that if you disable logging on the default deny rule, ISA Server cannot detect port scan attacks.

Related Topics

---

Get latest ISA Server content at ISA Server Guidance. Send feedback about this page.

• English-to-Russian translation