Using Logparser with IIS logs to filter connection statistics for Exchange Server
Often we need to get statistics of connection types of users connecting to Exchange.
Logparser provides a very easy way to get a detailed statistics of connection types based on IIS logs.
This is where you can download Logparser (for free):
we can use following queries to get a detailed list of users & theri connections types, number of connection attempts Device Type
To list all ActiveSync connections that are using the un-patched version of the iphone:
======================================================
logparser “SELECT cs-username AS UserID, cs(User-Agent) AS DeviceType, time as Time FROM c:\log\u_ex101210.log WHERE cs-uri-stem LIKE ‘%Microsoft-Server-ActiveSync%’ AND cs(User-Agent) LIKE ‘%801.293%’ GROUP BY Time, UserID, DeviceType” -rtp:-1 > c:\log\easdevice.txt
To list all Free busy lookups/OOF connections:
=============================
logparser “SELECT cs-username AS UserID, cs(User-Agent) AS DeviceType, time as Time FROM c:\log\u_ex101210.log WHERE cs-uri-stem LIKE ‘%/EWS/Exchange.asmx%’ AND cs-username IS NOT NULL GROUP BY Time, UserID, DeviceType” -rtp:-1 > c:\log\ems.txt
To list all OAB connections:
=================
logparser “SELECT cs-username AS UserID, cs(User-Agent) AS DeviceType, time as Time FROM c:\log\u_ex101210.log WHERE cs-uri-stem LIKE ‘%/OAB/%’ AND cs-username IS NOT NULL GROUP BY Time, UserID, DeviceType” -rtp:-1 > c:\log\oab.txt
To list all owa connections:
=================
logparser “SELECT cs-username AS UserID, cs(User-Agent) AS DeviceType, time as Time FROM c:\log\u_ex101210.log WHERE cs-uri-stem LIKE ‘%/owa/%’ AND cs-username IS NOT NULL GROUP BY Time, UserID, DeviceType” -rtp:-1 > c:\log\owa.txt
To list all RPC over HTTPS connections:
========================
logparser “SELECT cs-username AS UserID, cs(User-Agent) AS DeviceType, time as Time FROM c:\log\u_ex101210.log WHERE cs-uri-stem LIKE ‘%/rpc/%’ AND cs-username IS NOT NULL GROUP BY Time, UserID, DeviceType” -rtp:-1 > c:\log\rpc.txt
To list all Autodiscover connections:
=======================
logparser “SELECT cs-username AS UserID, cs(User-Agent) AS DeviceType, time as Time FROM c:\log\u_ex101210.log WHERE cs-uri-stem LIKE ‘%/Autodiscover/%’ AND cs-username IS NOT NULL GROUP BY Time, UserID, DeviceType” -rtp:-1 > c:\log\auto.txt
3 Responses to “Using Logparser with IIS logs to filter connection statistics for Exchange Server”
Leave a Reply
Search
Recent Posts
- SQL Server Reporting Services Integration with SharePoint – Error On attempt to setup subscription for an external email address
- Mysites deleted after recreating User profile Sync connection – SharePoint 2010
- Outlook Profile Still Pointing to Exchange Server 2007 After Move Mailbox to Exchange Server 2010 – Exchange 2007 to Exchange 2010 Migration Issue
- How to Install Exchange 2013 RTM on Windows Server 2012
- How to Grant Read Access Permission on a Mailbox in Exchange Server 2010/2013
Categories
- BlackBerry Enterprise Server
- Exchange Server 2007
- Exchange Server 2010
- Exchange Server 2013
- Uncategorized
Blog Archive
- April 2013
- March 2013
- January 2013
- December 2012
- November 2012
- October 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- November 2011
- October 2011
[...] I also used Logparser to collect statistics, I documented this process in my previous post here at http://messagingserversupport.com/2012/01/20/using-logparser-with-iis-logs-to-filter-connection-stat… [...]
Thnks for the post Im haveing the same issues, when i run:
logparser “SELECT cs-username AS UserID, cs(User-Agent) AS DeviceType, time as Time FROM c:\log\u_ex101210.log WHERE cs-uri-stem LIKE ‘%Microsoft-Server-ActiveSync%’ AND cs(User-Agent) LIKE ‘%801.293%’ GROUP BY Time, UserID, DeviceType” -rtp:-1 > c:\log\easdevice.txt
I get:
error: detected extra argument "cs-username after query
Any Ideas,
Thanks in advance,
when You copy past script quotation marks and apostrophe are diffirent. You have delete and copy and type it manually.