If you would like to read the next part in this article series please go to Microsoft Forefront UAG – Forefront UAG monitoring and debugging (Part 2).
Let’s begin
Forefront UAG has some built-in capabilities for monitoring users accessing the Forefront UAG trunks.
The first step in monitoring Forefront UAG is to keep an eye on the Forefront TMG and Forefront UAG services.
Get your copy of the German language “Microsoft ISA Server 2006 – Das Handbuch”
The following table lists all required Forefront TMG services which should be monitored carefully.
Table 1: Forefront TMG services (source: http://technet.microsoft.com/en-us/library/ff607335.aspx)
Table 2 lists all required Forefront UAG services.
Table 2: Forefront UAG services (source: http://technet.microsoft.com/en-us/library/ff607335.aspx)
If you use the Microsoft System Center Operations Manager it is possible to monitor Forefront TMG and UAG services, with the help of TMG and UAG SCOM management packs.
Event logging
Forefront UAG and TMG stores many events in the Windows Server 2008 R2 event log, and in addition it is possible to configure the Forefront UAG own monitoring. To configure general event logging in Forefront UAG start the UAG management console and navigate to Admin – Event Log Settings.
Figure 1: Configure Forefront UAG logging
Forefront UAG has some built-in log files which can be configured from the Forefront UAG management console as shown in the following screenshot.
Figure 2: UAG built in logging
The ConfigMessages log file shows the same content as the Forefront UAG Activation monitor. We will talk about the Forefront UAG Activation Monitor later on in this article.
Figure 3: UAG ConfigMessages
The Built-in logs of Forefront UAG can be very helpful when troubleshooting Forefront UAG problems and for acquiring a better understanding of how Forefront UAG works under the hood. You can find the built-in log file in Logs – Events directory under the Forefront UAG installation directory.
Figure 4: UAG builtin logfiles
Administrators are able to filter Forefront UAG messages to reduce the amount of displayed events in the event viewer or the message window in the Forefront UAG management console.
Figure 5: UAG message filter
Forefront UAG Web Monitor
The Forefront UAG Web Monitor should be the first place to go when monitoring the Forefront UAG Server. The Web Monitor is divided into different monitors. You are able to monitor the Active Sessions of users which are connected to the Forefront UAG portal trunks. You are also able to monitor the sessions for published applications in a Forefront UAG portal trunk and if you configured Forefront UAG for DirectAccess it is also possible to monitor the active DirectAccess sessions, and to get an overview about the Forefront UAG DirectAccess state on the Forefront UAG Server. If you configured Forefront UAG as an array you are able to monitor the state of the Forefront UAG array.
Figure 6: Forefront UAG Web Monitor
With Web Monitor you are able to filter all Forefront UAG messages for different trunks and Forefront UAG categories.
Figure 7: Forefront UAG Web Monitor and custom event query
The Forefront UAG Web Monitor also allows you to filter and display Forefront UAG events. It is possible to filter events in Forefront UAG for the System, Security, Application and Session as shown in the following screenshot.
Figure 8: Forefront UAG Event Viewer
Forefront UAG Activation Monitor
The Forefront UAG Activation monitor monitors all synchronization activities between the different Forefront UAG components and the underlying Forefront TMG Server. Forefront UAG synchronizes the configuration changes made in Forefront UAG with Forefront TMG. The UAG Activation Monitor should always be used to see if configuration changes in Forefront UAG are sucessfully applied to the different Forefront UAG components and the Forefront TMG configuration.
Figure 9: Forefront UAG Activation Monitor
At the bottom of the following screesnhot you can see the integration between Forefront UAG and Forefront TMG. Forefront UAG synchronizes the configuration with Forefront TMG storage (AD-LDS) and after that you see the message that the Forefront UAG activation was successfully.
Figure 10: Forefront UAG Activation Monitor
Forefront TMG monitoring
Most of the Forefront UAG configuration changes must be made through the Forefront UAG management console. The Forefront UAG Web Monitor is a great resource for monitoring Forefront UAG activities but if you need access to live logging activities when troubleshooting access from external clients to the Forefront UAG Server you must use the Forefront TMG live logging capabilities. This will allow you to see the allowed/denied network traffic from external clients as shown in the following screenshot.
Figure 11: Forefront TMG live logging
Conclusion
In this article I tried to give you some helpful information on how to monitor your Forefront UAG Server environment, how to monitor user sessions and how to use Forefront TMG for live logging Forefront UAG traffic. In part II of this article series I will go deeper into Forefront UAG debugging and tracing capabilities.
Related links
- Monitoring the status of Forefront UAG services
- Monitoring Forefront UAG DirectAccess SP1
- Planning for monitoring and logging
- Microsoft Forefront UAG – Overview of Microsoft Forefront UAG
- Forefront UAG technical overview
If you would like to read the next part in this article series please go to Microsoft Forefront UAG – Forefront UAG monitoring and debugging (Part 2).
