Submit a ticketCall us

Bridging the ITSM Divide
Integrated help desk and remote support software for faster resolution

Join us on Wednesday, November 29, 2017 at 11 a.m. CT, as we discuss the benefits of effectively integrating your help desk software with remote support solutions to help increase the efficiency of IT administration, improve communication, and decrease mean time to resolution (MTTR) for IT issues of all sizes. This directly impacts end-user satisfaction and your business’ bottom line. Register Now.

Home > Success Center > Log & Event Manager (LEM) > LEM - IIS Advanced Logging

LEM - IIS Advanced Logging

Updated 08/10/2017

Overview

This article describes how to set up the Microsoft IIS W3C Advanced Logging connector for LEM.

Environment

  • LEM all versions

Steps


Set up the connector to receive the logs

  1. Open the connectors on the node where IIS has been installed:
    MANAGE>Nodes>IIS Node>Gear Icon>Connectors
    Open Connectors
  2. Type IIS in the search bar on the top left and then click the Gear Icon on the left hand side of the Microsoft IIS Advanced Logging Connector and select New:
    Create a New Connector
  3. Set up the IIS Advanced Logging Connector to point at the correct log file location: Make sure to review the folder path on the node.
    Log File Location
  4. Set the correct prefix and postfix for the log files in that location: Make sure to look at the log file on the node.
    Log File Prefix
    Log File Postfix
  5. Save the Connector and Start it:
    Save the Connector

 

Check for the Logging

  1. Create a Filter in the MONITOR>Filters area of the LEM WebConsole or Adobe Air Console to watch the incoming data using AnyAlert.ToolAlias=*Microsoft IIS W3C Advanced Logging* (make sure to modify the name if you changed the alias on the connector) and save the Filter:
    Filter Setup
  2. Send the Filter Query to nDepth to review the data if needed or recreate the search in EXPLORE>nDepth:
    Send to nDepth
  3. If you are seeing data the IIS logging has started. If not, you will need to check the following items in IIS.

 

Set up IIS to send the logs to the log file in the correct format

  1. Open IIS and select the Advanced Logging:Advanced IIS Logging
  2. On the Advanced Logging page, Double click on the Group Name to open the Log Definition page:Advanced IIS Logging
  3. On the Log Definition page click on the [Select Fields...] button to open the Select Logging Fields page:Advanced IIS Logging
  4. Make sure the following items are checked on the Select Logging Fields page:

    date
    time
    s-ip
    cs-method
    cs-uri-stem
    cs-uri-query
    s-port
    cs-username
    c-ip
    cs(User-Agent)
    cs(Referer)
    sc-status
    sc-substatus
    sc-win32-status
    TimeTakenMS
    X-Forwarded-For

    Advanced IIS Logging
  5. Apply the settings and restart IIS and the logging should start to come in after a few minutes.


Contact SolarWinds Technical Support if this does not cause the Advanced IIS logs to begin showing up on the LEM.

 

Last modified

Tags

Classifications

Public