How to log OWA Access ? (to trackdown IP Address and connected mailbox)

Posted on 2008-11-04
Last Modified: 2012-05-05
To All Expert,

I'm just wondering and been looking around if there's anyway to get the IP address detail of OWA access (anyone who use OWA, their IP and username is logged) and probably write it down to SQL Server database or even just simple text file will do.

is this something that IIS 6.1 can do or should i do it in ASP 3.0 way ?

the reason I'm doing this is for company compliance policy to trackdown the OWA usage and making sure that certain username that accessing a particular IIS directory is logged properly.

Question by:jjoz
    LVL 14

    Expert Comment

    Go to the default website's log path which is typically...


    and you should see an entry such as this...

    2008-11-05 06:51:20 GET /exchange

    There will be other entries as well.... You can test it by going from your home IP and then checking the logs and see all the entries logged with GET requests matching your IP.

    I hope this helps.

    LVL 1

    Author Comment


    thanks for your reply Top_rung,
    I can see it like the following attached file.

    is it because my CAS is sitting behind proxy/firewall ?

    if it yes, then there's no other way apart from parsing the file manually then.

    2008-11-04 23:58:31 W3SVC1 <ExcServer IP> POST /owa/ev.owa oeh=1&ns=Notify&ev=Poll 443 - <PROXY SERVER IP> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) 401 1 0
    2008-11-04 23:58:31 W3SVC1 <ExcServer IP> POST /owa/ev.owa oeh=1&ns=Notify&ev=Poll&prfltncy=0&prfrpccnt=0&prfrpcltncy=0&prfldpcnt=0&prfldpltncy=0&prfavlcnt=0&prfavlltncy=0 443 DOAMIN.COM\Administrator <PROXY SERVER IP> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) 200 0 0

    Open in new window

    LVL 14

    Accepted Solution


    Sorry for the late response.  Yeah, it looks like you won't get the info there due to the proxy.  I presume you will need to get the information from the proxy logs - that is, look for whatever is destined for the exchange owa - you should see the source IP there (assuming you are logging that info).
    LVL 1

    Author Closing Comment

    easy to understand

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Suggested Solutions

    Title # Comments Views Activity
    Email Body 4 30
    SMTP Relay with Office 365 5 31
    IIS Question 8 34
    Disable License Options 2 18
    Use email signature images to promote corporate certifications and industry awards.
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
    This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now