Re: Analysing e2k10 transaction logs

2012-01-26 Thread Kurt Buff
If that's a single file, I'd use a file splitter to make that into about 1,000 files, and then take the first 20 lines out of each file. Enumerating the users in those lines should show you which account is generating the bulk of the lines. I'd get a count of the lines in those files with 'wc'

Re: Analysing e2k10 transaction logs

2012-01-26 Thread Richard Stovall
I think the OP is referring to the Exchange database's transaction logs, which are not human readable text. That said, I did run across the link below by Googling "exchange transaction log parser." It mentions 2007, but may be applicable to 2010 as well. Basically, the author uses the *nix strin

Re: Analysing e2k10 transaction logs

2012-01-26 Thread Steve Kradel
Hmmm, what I took away from that thread is that the 'strings' approach failed to produce useful output for any respondents, whereas ExMon turned up all sorts of potentially useful stuff including the source of 'Log Bytes'. Being familiar with 'strings' and having a vague notion of what might be lu

Re: Analysing e2k10 transaction logs

2012-01-27 Thread Kurt Buff
That's interesting - the problems I had under E2003 with exploding logs were in logs that are human readable. I did not know that might change under E2010. Kurt On Thu, Jan 26, 2012 at 20:51, Richard Stovall wrote: > I think the OP is referring to the Exchange database's transaction logs, > whic

RE: Analysing e2k10 transaction logs

2012-01-27 Thread Joseph L. Casale
d required, but that's a battle I continue to lose... jlc From: Steve Kradel [skra...@zetetic.net] Sent: Thursday, January 26, 2012 10:52 PM To: MS-Exchange Admin Issues Subject: Re: Analysing e2k10 transaction logs Hmmm, what I took away from that thre

RE: Analysing e2k10 transaction logs

2012-01-30 Thread Michael B. Smith
Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, January 27, 2012 10:00 AM To: MS-Exchange Admin Issues Subject: Re: Analysing e2k10 transaction logs That's interesting - the problems I had u

RE: Analysing e2k10 transaction logs

2012-01-30 Thread Bob Fronk
: Analysing e2k10 transaction logs You can still use the IIS logs (if you have them turned on) to see data VOLUME - which can track user, source ip, data read, data written, etc. However, that doesn't allow you to see actual data CONTENT. The process described here allows you to examine co

Re: Analysing e2k10 transaction logs

2012-01-30 Thread Kurt Buff
EssentialExchange.com > > > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Friday, January 27, 2012 10:00 AM > To: MS-Exchange Admin Issues > Subject: Re: Analysing e2k10 transaction logs > > That's interesting - the problems I had unde

RE: Analysing e2k10 transaction logs

2012-01-30 Thread Joseph L. Casale
Yup, logparser made for a nice query and output that was far more usable! Thanks, jlc From: Michael B. Smith [mich...@smithcons.com] Sent: Monday, January 30, 2012 8:15 AM To: MS-Exchange Admin Issues Subject: RE: Analysing e2k10 transaction logs You can

Re: Analysing e2k10 transaction logs

2012-01-30 Thread Harry Singh
anks, > jlc > > From: Michael B. Smith [mich...@smithcons.com] > Sent: Monday, January 30, 2012 8:15 AM > To: MS-Exchange Admin Issues > Subject: RE: Analysing e2k10 transaction logs > > You can still use the IIS logs (if you have t

RE: Analysing e2k10 transaction logs

2012-01-30 Thread Joseph L. Casale
ject: Re: Analysing e2k10 transaction logs Have never used logparser, would it simply be loading the IIS/SMTP log file via GUI, or is there a command line option to run? Thanks, H On Mon, Jan 30, 2012 at 1:06 PM, Joseph L. Casale <jcas...@activenetwerx.com> wrote: Yup,

Re: Analysing e2k10 transaction logs

2012-01-30 Thread Kurt Buff
> Sent: Monday, January 30, 2012 8:15 AM >> To: MS-Exchange Admin Issues >> Subject: RE: Analysing e2k10 transaction logs >> >> You can still use the IIS logs (if you have them turned on) to see data >> VOLUME - which can track user, source ip, data read, data written,