You can specify that logging should or should not occur for a specific rule. This can effectively reduce logging load, and it can be useful if a large amount of data is being logged from a specific protocol or source. For example, if you have a rule that denies DHCP requests and the log is filling up with many denied requests, you can disable logging for that rule.
 Note: |
|---|
| Access rules are created with logging enabled by default. |
To configure logging for a
specific rule
-
In the Forefront TMG Management console, in the tree, click the Firewall Policy node.
-
In the details pane, click the rule for which you want to enable logging.
-
On the Tasks tab, click Edit Selected Rule.
-
On the Action tab, do the following:
- To log traffic handled by the rule, click
Log requests matching this rule.
- To specify that traffic handled by the rule
should not be logged, clear Log requests matching this
rule.
Note:If you disable logging on the default deny rule, Forefront TMG cannot detect port scan attacks. - To log traffic handled by the rule, click
Log requests matching this rule.
Related Topics
Copyright © 2009 by Microsoft Corporation. All rights reserved.