In my previous post I described how to extract data from the IIS logs for one or multiple user/users or device/devices. This post is more about analytic or statistic tasks you can perform with this script.
There are the following reports available:
This report is based on the script “A script to troubleshoot issues with Exchange ActiveSync”. There are minor changes as I added support for sync types (First, Subsequent, Recovery and Invalid) and removed some fields for commands and IIS errors. Nevertheless a really good report to get an overview. This report can be combined with a user. The report is sorted by the number of hits. In the following example I used LoadGen to generate requests:
.\Get-IISStats.ps1 -Outpath C:\Temp\Output -StartDate 141020 -EndDate 141020 -EASReport
Within this AD-site (HQ-Site) the script found 2 Exchange server. One Exchange 2010 (EX01) and one Exchange 2013 (EX02). The output is in the folder C:\Temp\Output. The format is yyMMDD_EASReport_<AD-Site>HH-mm-ss.csv and yyMMDD_EASReport<UserID>_<AD-Site>_HH-mm-ss.csv when you combined it with a user.
And that’s how it looks like:
The EASErrorReport will extract all the errors any ActiveSync device genereated. You will have a list of errors per server, user, deviceid, the error itself and the count. This could be helpfull to pinpoint a specific server or to get a general overview what’s going on.
.\Get-IISStats.ps1 -Outpath C:\Temp\Output -StartDate 141020 -EndDate 141020 -EASErrorReport
Same server were found and the output could be found in the OutPath. The format is yyMMDD_EASErrorReport_<AD-Site>HH-mm-ss.csv and yyMMDD_EASErrorReport<UserID>_<AD-Site>_HH-mm-ss.csv when you combined it with a user.
This report will list all the clients (cs(User-Agent)), total number of hits and the requested URI.
Note: The number is the number of hits and not the number of unique clients!
PS C:\Scripts> .\Get-IISStats.ps1 -Outpath C:\Temp\Output -StartDate 141020 -EndDate 141020 -ClientReport
The format is yyMMDD_ClientReport_<AD-Site>_HH-mm-ss.csv
And looks like this
I added the request URI just to distinct what service was used by what client.
This is really an important report when it comes to unique clients and network usage. In order to get all the details about the usage you need to have configured extended logging for the fields cs-bytes and cs-bytes.
The output will be 4 files:
- Data (Hour,Vdir,User,EASDeviceId,KB received,KB sent,KB Total) yyMMDD_Clientbandwidth_<AD-Site>_HH-mm-ss_data.csv
- EASDevices contains the number of unique ActiveSync devices per hour (Hour,UniqueEASDeviceS) yyMMDD_Clientbandwidth_<AD-Site>_HH-mm-ss_easdevices.csv
- Rate contains the calculate bandwidth usage per hour (Hour,kB/s KiloBytes/s,MB/s MegaBytes/s,kbps,Mbps) yyMMDD_Clientbandwidth_<AD-Site>_HH-mm-ss_rate.csv
- Users conatins all unique users per hour (Hour,UniqueUsers) yyMMDD_Clientbandwidth_<AD-Site>_HH-mm-ss_users.csv
Whereas the files EASDevices, Rate and Users will show you the numbers per hour, the Data file is the one you should be interested in. Once you have it import it in Excel and create a PivotChart as follows:
- Insert PivotChart
- For Table/Range click on cell A1
- Press Strg+Shift+End to select all data
- Now add “Hour” to “Axis Fields and “Vdir” to “Legend Fields”
- Depending on what you want you now can add other fields to “Values”
In this example I picked KB total for OAB,EWS and ActiveSync
This is an example for unique users OAB,EWS, Autodiscover and ActiveSync
This report is really helpfull in questions related to bandwidth. It could be helpfull when you’re planning for O365. Neil did a great job with the “Exchange Client Network Bandwidth Calculator”. With this script you can partly verify your calculation.
When you are on Exchange 2010 you still have the RPC traffic. Sadly this traffic is not logged in a way that you can get the transfered bytes. If you have a dedicated load balancer you want to have a look into its reporting capabilities to get exact numbers. At least you will get a detailed overview who is using your Exchange servers and how much traffic is generated.
This is the last report and very helpful to check your servers health from HTTP.sys perspective.
PS C:\Scripts> .\Get-IISStats.ps1 -Outpath C:\Temp\Output -StartDate 141020 -EndDate 141020 -HTTPBeport
The output could be found in the format yyMMDD_HTTPErrorReport_<AD-Site>_HH-mm-ss.csv
And you will get a list of errors per server sort by number of hits
As last you will get by default, when you don’t use any parameter, 4 files as follows:
- Collect all IIS errors (Request,HttpStatus,Win32Status,SourceIP,Hits) yyMMDD_IIS_errors.csv
- All hits for this day per user (SourceIP,OverallHits,User,Client,Bytes received,Bytes sent,EASRequest) yyMMDD_hits_by_ip.csv
- All hits by hour (Hour,Hits,EASHits) yyMMDD_hits_by_hour.csv
- All EAS devices (EASDeviceId,UserAgents) yyMMDD_eas_devices.csv
PS C:\Scripts> .\Get-IISStats.ps1 -Outpath C:\Temp\Output -StartDate 141020 -EndDate 141020
Here the 4 files in the OutPath
And here how it looks when you do some analytics with Excel
I hope you will find this useful and it helps you to determine and solve any issues!