Logging SMTP traffic in Exchange, detailed and in real time
I am used to linux mail systems (postfix) and its superb log files for everything.
I'm looking for great tools for monitoring the smtp traffic in Exchange. I know how to enable logging in the properties of the "Default smtp virtual server" but that is far from enough.
I miss two things:
1. Detailed logging of everything like in a syslog for Linux, not only the so called "user friendly" logs that is generated in Exchange.
2. Real time logging, i.e. the ability to have the log file rolling in a window on my screen during fault finding and similar.
Any experience of this?
Thanks in advance
Yours sincerely
Martin Rådbo
Teknologia
I'm looking for great tools for monitoring the smtp traffic in Exchange. I know how to enable logging in the properties of the "Default smtp virtual server" but that is far from enough.
I miss two things:
1. Detailed logging of everything like in a syslog for Linux, not only the so called "user friendly" logs that is generated in Exchange.
2. Real time logging, i.e. the ability to have the log file rolling in a window on my screen during fault finding and similar.
Any experience of this?
Thanks in advance
Yours sincerely
Martin Rådbo
Teknologia
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I rarely have to go near the log files to troubleshoot what is happening with Exchange.
If the email is not being delivered it will sit in the queues and show an error message which can be seen in ESM.
Inbound email, the logs will rarely show enough information anyway.
NDRs are the most useful thing for troubleshooting errors. They show the SMTP error and which server generated them.
You can change the logs to show more information, although that information is still limited.
I guess it comes down to what you are used to.
-M
If the email is not being delivered it will sit in the queues and show an error message which can be seen in ESM.
Inbound email, the logs will rarely show enough information anyway.
NDRs are the most useful thing for troubleshooting errors. They show the SMTP error and which server generated them.
You can change the logs to show more information, although that information is still limited.
I guess it comes down to what you are used to.
-M
ASKER
OK. I do not like it but I have to face the fact that this is the way it works with Exchange.
Thank you for your tries to help me anyway.
Best regards
Martin
Thank you for your tries to help me anyway.
Best regards
Martin
ASKER
The qestion is if you could change this logging behavior to a more detailed way?
I suppose not...
But I wonder how you guys do then perform fault finding of queued emails in Exchange, I find it almost impossible to get the information I really need to solve the problem. If Exchange talks to an external mailserver I always go there to check the log files instead.