//
you're reading...
Uncategorized

Find Mac User EWS Connections With Log Parser Studio

Posted by Leave a comment

First you’ll need to install Log Parser Studio. I won’t go over the install process in this article, but recommend reading the Exchange Blog here. They cover everything you need to know about the product.

http://blogs.technet.com/b/exchange/archive/2012/03/07/introducing-log-parser-studio.aspx

You can either create a new query or just copy an existing. I just copied and existing, much easer and puts in the right category.

1. On the Library Tab locate EWS: Top 20 Users

2. Click on the lock to make the content editable and add the information below.

SELECT TOP 20000 cs-username AS UserID,
cs(User-Agent) AS Application,
cs-uri-stem AS Vdir,
c-ip AS CLIENT,
cs-method,
Count(*)
FROM ‘[LOGFILEPATH]’
WHERE cs-uri-stem LIKE ‘%EWS%’ AND cs(User-Agent) LIKE ‘%Mac%’
GROUP BY UserID, Application, Vdir, Client, cs-method
ORDER BY COUNT(*) DESC

3. Now you just need to copy all your IIS logs from all your CAS servers to a central location and run the new query. I like to run these on my virtual desktop.

That’s it. 🙂

Advertisement

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Categories

Archives

Blogroll

Meta

%d bloggers like this: