Logs should always be stored in a safe location with tightly controlled access. By default, SQL Server Express logs and text file logs are stored in the ISALogs folder under the Forefront TMG installation folder.
You can specify an alternative log file location, including an environment variable such as %logDirectory%.
Note the following:
- If you specify a relative directory, the log
is saved in the ISALogs folder, under the Forefront TMG
- If you specify an absolute path, the actual
log folder may be different on every server.
- If the specified folder does not exist,
Forefront TMG will warn you that the specified location is not
valid and will try to create the folder.
For any alternative logging folder, the Network Service account must have read permissions from the root partition and any parent folder for the folder. On the logging folder itself, the following permissions are required:
- Network Service: Full Control
- System: Full Control
- Administrators: Full Control
If you change the log folder location and do not set the correct permissions, event ID 11002: Microsoft Firewall service failed to start may be issued in Event Viewer.