Solved

IIS \ W3SVC1 Log Explanation

Posted on 2011-02-28
1
1,405 Views
Last Modified: 2012-05-11
I need help in understanding an IIS (W3SVC1) log file.

The log file below references directories that used to be hosted on this server over a year ago.  The logs are from today though.  And these were simple directories that are now hosted on a different server that is not running IIS.  In fact, I have no idea on why these directories would even be mentioned in an IIS log.

Can anyone help explain what would make the generatorrepairdb, g5135 and specs directories appear as they do in an IIS log?


#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2011-02-28 00:08:57
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2011-02-28 00:08:57 xx.xx.62.14 OPTIONS / - 80 - xx.xx.39.204 Microsoft-WebDAV-MiniRedir/5.1.2600 200 0 0
2011-02-28 00:08:57 xx.xx.62.14 PROPFIND /generator%20repair%20db - 80 - xx.xx.39.204 Microsoft-WebDAV-MiniRedir/5.1.2600 501 0 0
2011-02-28 00:08:57 xx.xx.62.14 OPTIONS / - 80 - xx.xx.39.204 Microsoft-WebDAV-MiniRedir/5.1.2600 200 0 0
2011-02-28 00:08:57 xx.xx.62.14 PROPFIND /generator%20repair%20db - 80 - xx.xx.39.204 Microsoft-WebDAV-MiniRedir/5.1.2600 501 0 0

#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2011-02-28 00:27:14
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2011-02-28 00:27:14 xx.xx.62.14 OPTIONS / - 80 - xx.xx.66.81 Microsoft-WebDAV-MiniRedir/5.1.2600 200 0 0
2011-02-28 00:27:14 xx.xx.62.14 PROPFIND /g5135 - 80 - xx.xx.66.81 Microsoft-WebDAV-MiniRedir/5.1.2600 501 0 0
2011-02-28 00:27:14 xx.xx.62.14 PROPFIND /specs - 80 - xx.xx.66.81 Microsoft-WebDAV-MiniRedir/5.1.2600 501 0 0
0
Comment
Question by:fraunkd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 29

Accepted Solution

by:
Paul Jackson earned 500 total points
ID: 35000829
These are webdav requests, it would seem something somewhere on your network is requesting them. Could be a file sharing program, sharepoint something like that still has a reference to them.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

761 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question