Log Purge Tool for FSSMC

  • Article

I wanted to introduce you to a handy, but little-known tool that we have for FSSMC (Forefront Server Security Management Console). The Log Purge Tool comprises of a GUI and some SQL scripts, which allow you to easily backup and purge old data from your FSSMC SQL databases.

As you use Forefront Server Security Management Console over time, you may find that the associated SQL databases grow undesirably large. The Log Purge Tool helps to manage the size of these databases, especially if you’re running the (4GB-limited) SQL Express Edition.

The Log Purge Tool contains options to:

• Purge entries that are older than the number of months that you specify;

• Purge entries immediately, or schedule to run weekly;

• Purge Notifications and/or Statistics;

• Backup the databases that are being purged.

Here’s a screenshot (of the main GUI window) to give you an idea of what it can do:

Forefront Log Purge

You can review the LogPurge ReadMe file of course to get up-to-date usage of this tool, but you didn’t need me to tell you that ;)

Here are a few notes on scheduling purges and backups (they run simultaneously) to get you started:

Scheduling a Purge using SQL Enterprise Edition

The tool uses the SQL Agent Service for scheduling, so make sure you have that service up and running before trying to schedule a purge. The user account that you specify must also have local admin permissions to be able to run (and also needs write access to the backup path, if entered). You can only create one scheduled purge job. If you click on the ‘Schedule’ button and a job is already present, it’ll ask you whether you want to overwrite it or not.

If you specified a path in the ‘Backup to:’ field, a .bak file is created after each successful backup. You’ll also notice that there is a new LogPurgeBackup database present in SQL as well.

Scheduling a Purge using SQL Express Edition

This is pretty much the same as for the Enterprise Edition, but a Windows Scheduled Task is created instead of a SQL job. You will still need to specify a local admin account to run the backup.

Cheers,

Andy

CSS Security