Collecting event logs

Several times in the past month I needed to collect event logs across multiple servers or parse exported ones from *.evtx files. Get-WinEvent is the perfect cmdlet for this, as you can use it to query both.

But of course the out-of-the-box experience, usage and output didn’t fit my own requirements or those of others. Therefore I ended up writing a new script.


Formatting output of Admin- and UnifiedAuditLog

I often have to perform searches in the Exchange AdminAuditLogs on-premises and in EXO, or in the UnifiedAuditLogs, which are only available in EXO. Depending on the need, I either analyse them using Out-GridView or export them to a CSV file.

The challenge is always proper formatting. There are thousands of ways of doing it, but here are mine.


Get-ExchangeDiagnosticInfo: Deep dive

In a previous post here, I wrote about a few basic commands that are useful for quickly gathering information about the transport component of an Exchange server.

In this post I want to give you a deep dive into it and show how you can explore what the cmdlet can do for you, as it evolves with each Exchange version and can be very useful.


Exchange performance: Garbage Collection

In the past I had to deal with some performance issues, which were really tricky to narrow down. It turned out that the servers spent too much time in Garbage Collection for a protocol used by Outlook clients: MAPI over HTTP.

As this was not obvious and took some time to identify, but the impact could be extremely critical, I thought it would make sense to explain what happened and how you can avoid this situation.

Get-ActiveExchangeUsers 2.0

A while ago I wrote the initial script and a post about it here. Due to my experience over the last few weeks, and to meet additional requirements, it was time to go over the script and extend its functionality. I thought about updating the previous post, but due to the major changes I decided to create this new post.

Update May 30, 2016:

Many thanks to fellow MCM/MCSM Thomas Stensitzki, who added some code for a nicer format and preview when sending the output as e-mail:

[Image: Active_New_08]

Update November 11, 2018:

There is a new version available on GitHub. You can find the script and any new version here:

https://github.com/IngoGege/Get-ActiveExchangeUsers

I added a bunch of new features and improvements:

  • UseASPDOTNET: As the Exchange performance counters are not reliable, you can now query IIS performance counters to gather current requests
  • IISMemoryUsage: This will gather the memory usage of the application pools (we had some issues with memory leaks).
  • UseCIM: As you’ll get only a generic name when you use IISMemoryUsage (performance counters don’t know any names of application pools), you can use CIM for gathering the data

Please read the Readme. I also have some posts queued to show the daily usage.

The script will query multiple performance counters from Exchange servers in a given AD site.

Default counter collection

MSExchange RpcClientAccess\User Count

Shows the number of users connected to the service.

MSExchange RpcClientAccess\Connection Count

Shows the total number of client connections maintained.

RPC/HTTP Proxy\Current Number of Unique Users

Shows the number of unique users currently connected to a back-end server via RPC/HTTP.


Troubleshooting Exchange with LogParser: RCA logs

In this post I’m going to show you how to troubleshoot connectivity issues, specifically RPC Client Access.

Do you think this is only a topic for Exchange 2010? That’s not true, as Exchange 2013 still has the Microsoft Exchange RPC Client Access service. And logs are still written for it.

What do you need in order to parse those logs?

  • LogParser
  • a server from which you will run the script. This server needs SMB access to all Exchange servers, as we will access the RCA logs via UNC path
  • adjust the execution policy. Here is an example, which bypasses the policy only for the running process:
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
  • the script itself


Troubleshooting Exchange with LogParser: IIS logs #2

In my previous post I described how to extract data from the IIS logs for one or multiple users or devices. This post is more about the analytical or statistical tasks you can perform with this script.

There are the following reports available:

  • EASReport
  • EASErrorReport
  • ClientReport
  • ClientBandwidth
  • HTTPReport


Get-ExchangeDiagnosticInfo One-liners

The CmdLet Get-ExchangeDiagnosticInfo is not very well documented, but very useful if you want to see your server’s health state. Brian Reid already posted more details and how to format the output. You can find his post here.

After I read about it, this cmdlet became one of my favorites, and I use it very often in my daily work.

In Exchange 2010 there are only 2 processes you can query:

[Image: E2k10_01]

How many users are connected to Exchange per protocol?

Update May 9, 2016:

Please read the new post with the new version of the script here

Get-ActiveExchangeUsers 2.0

If you want to know how many unique users per protocol are currently connected to your Exchange server you can pull it from performance counters:

MSExchange RpcClientAccess\User Count

Shows the number of users connected to the service

MSExchange RpcClientAccess\Connection Count

Shows the total number of client connections maintained

RPC/HTTP Proxy\Current Number of Unique Users

Shows the number of unique users currently connected to a back-end server via RPC/HTTP
