Solved

log file size in exchange

Posted on 2013-11-07
5
380 Views
Last Modified: 2013-11-19
I know EXBPA suggests your application log size should be >40mb. Not being an exchange admin myself - what are the risks in having a much smaller application log size, if anything? Are there any real risks? What kind of information goes in the application log file, and is it of much importance? I dont really see any issue whether its 20mb or 40mb - please enlighten me.
0
Comment
Question by:pma111
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:MHMAdmins
ID: 39630437
It just depends on how much information you are trying to audit from the logs, if the logging is more frequent your log size will be bigger. If you set the logging to verbose mode which means it will report more detailed metrics than the log file itself will be bigger. It really just depends on your reporting and auditing requirements for your environment.
0
 
LVL 3

Author Comment

by:pma111
ID: 39630459
But I guess where I am coming from is - why would you want to log more? When is this information ever used? If never - then who cares if you collect the last 5mb worth of logs before overwriting - or the last 100mb?
0
 
LVL 9

Expert Comment

by:MHMAdmins
ID: 39630467
Well for instance in my environment I'm guided by HIPAA rules and regulations and subject to audits, or if there is ever an intrusion detection event from someone trying to get acces to and failing security auditing I can disable the account the intruder is trying to access all while maintaining a record of said events in case of a federal audit.
0
 
LVL 3

Author Comment

by:pma111
ID: 39630485
Would that information go in the security log though as opposed the application log? I dont really understand exchange enough to know what information goes in the application log and what worth those log entries actually are?
0
 
LVL 9

Accepted Solution

by:
MHMAdmins earned 500 total points
ID: 39630516
Depends there are multiple logs involved with Exchange, you have the built in Appliction logs, security logs, and system logs. Then you have Applications and services logs which as the name says it logs any cmdlets run whether creating or deleting a user account or if you move an account into another DB or container. It will track if you create Transport rules, hub rules it will log everything and categorize it into the a perticular task category. IF you're environment is running a small exchange with just a few people I wouldn't expect that log to be too big. However if you're in a big enterprise environment with more going on in the back end the the logs will be significantly bigger.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
how to add IIS SMTP to handle application/Scanner relays into office 365.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now