Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Unable to log in to Intrusion Defense Firewall - Exception caught attempting to start a job search

    • Updated:
    • 27 Jul 2016
    • Product/Version:
    • Intrusion Defense Firewall 1.5
    • Platform:
    • Windows 2003 Enterprise
    • Windows 2003 Standard 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Server R2
Summary

The following error message appears when logging in to the Intrusion Defense Firewall web console inside the OfficeScan Plug-in Manager section:

Unable to open Intrusion Defense Firewall interface. The plug-in could not validate the session. Please see the server0.log in the installation directory for more information.

The server0.log file in the C:\Program Files\Trend Micro\OfficeScan\AddOn\Intrusion Defense Firewall\ folder has a lot of the following entry:

SEVERE: Exception caught attempting to start a job search.

java.sql.SQLException: Could not allocate space for object 'dbo.managermessages'.'PK__managermessages__251C81ED' in database 'IDF' because the 'PRIMARY' filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the filegroup.

If the server0.log file has the entry "Unable to grant access", please check KB article: Unable to open Intrusion Defense Firewall interface - Unable to grant access.

Details
Public

This problem is more common on Intrusion Defense Firewall (IDF) Servers that are using the built-in Microsoft SQL Express for its database. The issue occurs because the SQL database has a disk size limitation of 4GB only. The large volume of IDF Agent logs/events recorded on the database pushes the disk size to reach the limit.

When the limit is reached, IDF can no longer perform new database transactions including any log in attempt to the web console.

You can address this issue by optimizing the IDF log retention. Follow the steps below:

Optimize the IDF log retention using these steps.

  1. Open a command prompt on the IDF Server and change directory to C:\Program Files\Trend Micro\OfficeScan\AddOn\Intrusion Defense Firewall\.
  2. Execute the following commands to reset the logs from the database.

    idf_c -action resetevents -type all
    idf_c -action resetcounters

  3. Stop the Intrusion Defense Firewall service.
  4. Log in to the SQL Express server using the SQL Management Studio Express.

     
    Microsoft SQL Management Studio Express should be installed on the IDF server. You can download Microsoft SQL Management Studio Express from Microsoft.
    1. Expand the Databases and select the IDF database.
    2. Choose to Shrink the Database, and then the Files of the IDF database.
    3. Start the Intrusion Defense Firewall service.
    4. Check if you can now log in  to the IDF web console.

Once log in is successful, use the following settings to optimize the log retention in the IDF database:

  1. Open the IDF console, go to Firewall > Stateful Configuration > Enable Stateful Inspection.
  2. Enable stateful logging on ICMP and UDP requests.
  3. Go to under System > System Settings > Firewall and DPI.
  4. Generate Firewall Events for packets that are 'Out of Allowed Policy'.
  5. Go to under System > System Settings > System
  6. Set the Prune settings to 7 days or less for the different Events and Counters.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy; Upgrade; Migrate
Solution Id:
1060388
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.