Unable to log in to Intrusion Defense Firewall - Exception caught attempting to start a job search

This problem is more common on Intrusion Defense Firewall (IDF) Servers that are using the built-in Microsoft SQL Express for its database. The issue occurs because the SQL database has a disk size limitation of 4GB only. The large volume of IDF Agent logs/events recorded on the database pushes the disk size to reach the limit.

When the limit is reached, IDF can no longer perform new database transactions including any log in attempt to the web console.

You can address this issue by optimizing the IDF log retention. Follow the steps below:

Optimize the IDF log retention using these steps.

1. Open a command prompt on the IDF Server and change directory to C:\Program Files\Trend Micro\OfficeScan\AddOn\Intrusion Defense Firewall\.

2. Execute the following commands to reset the logs from the database.

   idf_c -action resetevents -type all
   idf_c -action resetcounters

3. Stop the Intrusion Defense Firewall service.

4. Log in to the SQL Express server using the SQL Management Studio Express.

    

   Microsoft SQL Management Studio Express should be installed on the IDF server. You can download Microsoft SQL Management Studio Express from Microsoft.
   1. Expand the Databases and select the IDF database.
   2. Choose to Shrink the Database, and then the Files of the IDF database.
   3. Start the Intrusion Defense Firewall service.
   4. Check if you can now log in  to the IDF web console.

Once log in is successful, use the following settings to optimize the log retention in the IDF database:

1. Open the IDF console, go to Firewall > Stateful Configuration > Enable Stateful Inspection.
2. Enable stateful logging on ICMP and UDP requests.
3. Go to under System > System Settings > Firewall and DPI.
4. Generate Firewall Events for packets that are 'Out of Allowed Policy'.
5. Go to under System > System Settings > System. 
6. Set the Prune settings to 7 days or less for the different Events and Counters.