Logging ISA Traffic
One of the most powerful troubleshooting tools at the disposal of ISA administrators is the
logging mechanism, which gives live or archived views of the logs on an ISA server, and
allows for quick and easy searching and indexing of ISA Server log information, including
every packet of data that hits the ISA server.
NOTE
Many of the advanced features of ISA logging are available only when MSDE or SQL
databases are used for the storage of the logs.
FIGURE 19.6 Configuring SMTP Screener Logging components.
494 CHAPTER 19 Monitoring and Troubleshooting an ISA Server 2006 Environment
Examining ISA Logs
The ISA logs are accessible via the Logging tab in the Details pane of the Monitoring node,
as shown in Figure 19.7. They enable administrators to watch, in real time, what is
happening to the ISA server, whether it is denying connections, and what rule is being
applied for each Allow or Deny statement.
The logs include pertinent information on each packet of data, including the following
key characteristics:
. Log Time??”The exact time the packet was processed.
. Destination IP??”The packet??™s destination IP address.
Pages:
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765