Solved

IIS Logging

Posted on 2014-10-10
3
167 Views
Last Modified: 2014-10-17
We are sending our IIS logs offsite for 90-day retention on-hand, and then further 365-day retention in archives. This adds up to over 350GB of logs per year for us, and is costing us a lot. We are doing this to meet PCI compliance.

We would like to cut down on our IIS logs without sacrificing security or compliance. From the list below, please list all non-essential items that we can cut. Thanks much.

Date
Time
Client IP Address
User Name
Service Name
Server Name
Server IP Address
Server Port
Method
URI Stem
URI Query
Protocol Status
Protocol Substatus
Win32 Status
Bytes Sent
Bytes Received
Time Taken
Protocol Version
Host
User Agent
Cookie
Referer
0
Comment
Question by:pzozulka
3 Comments
 
LVL 78

Accepted Solution

by:
David Johnson, CD, MVP earned 250 total points
ID: 40374340
This adds up to over 350GB of logs per year for us, and is costing us a lot. you could compress these files using zip or winrar before sending to your storage provider.. These files are highly compressible. 350GB on Amazon Glacier is probably a lot cheaper than what you are paying now.
0
 
LVL 26

Assisted Solution

by:Dan McFadden
Dan McFadden earned 250 total points
ID: 40376788
Dropping a field from your http logs will not make that great of a difference in the size of your log files.  The log size is governed more by the activity on the website.  More activity equals larger logs... 1 or 2 less fields won't make a difference.

I agree with what David said above.  Http logs are simple text files and compress like a champ.  Compression will get you around an 85-90% reduction in file size.

Dan
0
 
LVL 8

Author Comment

by:pzozulka
ID: 40380099
These are not compressible as they need to be sent in either plain text or JSON for further analysis, monitoring, reporting, and trending for PCI compliance. We are sending them to loggly.com.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now