Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

What are these log files for?

Posted on 2013-12-09
7
Medium Priority
?
312 Views
Last Modified: 2013-12-10
We have a Windows 2008 Server running IIS, one application, and AV. It has c:\hostact.log size=380MB and a c:\hoststat.log with a size of 200MB.
What is generating these log files?
How do we disabled this logging?
0
Comment
Question by:johnj_01201
  • 5
  • 2
7 Comments
 
LVL 19

Accepted Solution

by:
jss1199 earned 2000 total points
ID: 39707121
These are not generated by IIS or Microsoft.  Use sysinternals process explorer to determine what application or process is writing to the file - once we know the app we can assist further.

When you open process explorer, use the icon that resembles a pair of Binoculars... or use the hotkey Ctrl+F(find) and type the name of the file... it will show you which process is presently running and has locked the file for use.

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
0
 
LVL 1

Author Comment

by:johnj_01201
ID: 39707155
Neither filename shows up in Process Explorer and the logs continue getting updated.
0
 
LVL 1

Author Comment

by:johnj_01201
ID: 39707173
Resource Monitor shows one of the files c:\hostact.log
System, PID=4 (along with most everything else).
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
LVL 19

Expert Comment

by:jss1199
ID: 39707197
files accessed through a share will be locked by the system process (PID 4).

Try opening compmgmt.msc -> System Tools -> Shared Folders -> Open Files to see if the locked file is listed there
0
 
LVL 1

Author Comment

by:johnj_01201
ID: 39708395
no open files either. I rebooted the server and the logs continue to update\grow. I used to have a notepad replacement that could open up large files but forgot the name and do not know of any legit programs to try.
0
 
LVL 1

Author Comment

by:johnj_01201
ID: 39708406
More information. The server is a VM running on VMware and the AV software is Kaspersky anti-virus.
0
 
LVL 1

Author Comment

by:johnj_01201
ID: 39708412
OK. I used Programmers Notepad and was able to open the files and now see what the log files are for.
thank you.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is a real story and is one of my scariest tech experiences. Most users think that IT experts like us know how to fix all computer problems. However, if there is a time constraint and you MUST not fail the task or you will lose your job, a simple …
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question