IIS Log Analyzer

IIS (Internet Information Server) is a group of Internet servers including web, HTTP and FTP integrated with MS Windows NT and Windows 2000 Server operating system. IIS offers different ways to record web activities on FTP sites, NNTP services, and SMTP services through log files. Furthermore, it provides the option to choose the log file format.

IIS logging is far more detailed and informative than Windows Event Log Viewer and aids in effective performance monitoring. The type of information present in IIS log file include users who visited the site, attempts made to access the site, the site content that was viewed, the last time site information was viewed. Apart from these, IIS log files also offer information about the virtual folders, virtual files and the attempts made to read and write those files or folders.

IIS Centralized Binary Logging

Through centralized binary logging, IIS creates a single log file containing binary and unformatted log data for all web sites hosted on a server. This logging method provides organizations a way to record information about all their web sites in detail without utilizing many resources. Centralized log files use a specialized parser in order to interpret the log files.

IIS Log File formats

There are six log file formats available in IIS that can be used to track and analyze the IIS based web sites and services. Apart from the six available formats, it is also possible to create custom log file formats using the Custom Logging Modules.

Following are the log file formats available in IIS centralized logging:

W3C Extended Log File Format: Text-based, customizable format for a single site. This is the default format.
W3C Centralized Logging: All data from all Web sites is recorded in a single log file in the W3C log file format.
NCSA Common Log File Format: Text-based, fixed format for a single site.
IIS Log File Format: Text-based, fixed format for a single site.
ODBC Logging: Fixed format for a single site. Data is recorded in an ODBC-compliant database.
Centralized Binary Logging: Binary-based, unformatted data that is not customizable. Data is recorded from multiple Web sites and sent to a single log file. To interpret the data, you need a special parser.
HTTP.sys Error Log Files: Fixed format for HTTP.sys-generated errors.

A log file directory created at C:\LogFiles for HTTP.sys-generated logging (W3C Extended log file format, NCSA Common log file format, IIS log file format, centralized binary logging, or HTTP.sys error logging), generates the following subdirectories as log file locations:

For the W3C Extended, NCSA Common, and IIS log file formats: C:\LogFiles\W3SVC#, where # is the site ID
For centralized binary logging: C:\LogFiles\W3SVC
For HTTP.sys error logging: C:\WINDOWS\System32\LogFiles\HTTPErr

The IIS log analyzers are tools to access and view the IIS log files in any of the above mentioned file formats so as to analyze the web servers. By using these analyzers, server managers are able to gain statistical data about the sites’ usage. Analysts can generate detailed reports in HTML, CSV and PDF formats with information about site visitor activity, referring pages, visitors’ geographical location and IP addresses, etc. along with details of sites’ properties.