• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1836
  • Last Modified:

get-logonstatistics on Exchange 2010 not showing IP Address.

Exchange Server 2010 SP3 RU8 Enterprise 64 bit
Windows 2008 R2 Server 64 bit

run this (this is what I ran on Exchange 2007)

get-logonstatistics myuser | sort-object clientipaddress | format-table username,clientipaddress,logontime,clientversion >c:\util\logon.txt

No client ip address appears

UserName                      ClientIPAddress               LogonTime                     ClientVersion
--------                                    ---------------                        ---------                             -------------
myuser                                                               2/3/2015 3:03:51 PM           3587.0.32992.2
myuser                                                               2/4/2015 3:09:13 PM           3587.0.32992.2
myuser                                                               2/3/2015 3:03:51 PM           3587.0.32992.2
myuser                                                               2/3/2015 3:03:51 PM           3587.0.32992.2
myuser                                                               2/3/2015 3:04:35 PM           3587.0.32992.2


I have this in my registry

3.Locate and then click the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\CancelRPC
Note If the CancelRPC key does not exist, create this key. To do this, follow these steps: •Click to select the Outlook subkey.
•On the Edit menu, point to New, and then click Key.
•Type CancelRPC, and then press ENTER.
•Select the CancelRPC subkey, and then go to step 4.

4.On the Edit menu, point to New, and then click DWORD Value.
5.Type EnablePerfTracking, and then press ENTER.
6.On the Edit menu, click Modify.
7.Type 28, and then click OK.

But then I found this

Exchange 2010


The above steps do not work for Exchange 2010. However, you can obtain client IP information from the log files in the following folder on your Client Access Server (CAS).


\Program Files\Microsoft\Exchange Server\v14\Logging\RPC Client Access

The log files are named RCA_date-#.log (where date is the date the log was collected and # is an index number starting at 1). This logging is enabled by default, so you should not have to make any configuration changes to collect this information.


I reviewed some of those log files and did not see the ip address yes possible I was not looking at the correct lines.


Does anyone have a example of how to report this information now?  Powershell script  example would be great.

I do have Logparser 2,2 installed any example of that ?

Thanks in advance
0
Thomas Grassi
Asked:
Thomas Grassi
  • 4
  • 4
1 Solution
 
Praveen Kumar BonalaProgrammer AnalystCommented:
Please check following link and let me know the status:

http://msexchangeguru.com/2012/12/06/find-device-ip/
0
 
Thomas GrassiSystems AdministratorAuthor Commented:
Praveen

I saw that link before thanks

Just installed Advance Logging on IIS 7

How long before the logs start building in the advance Log folder?

Still looking for a report I can run to show the ip address of my clients.
0
 
Praveen Kumar BonalaProgrammer AnalystCommented:
You can check immediately..
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Thomas GrassiSystems AdministratorAuthor Commented:
Sorry no logs collected as of yet been almost 1 hour now.


Do I need to restart IIS?

The instructions you posted did not say you needed to restart IIS

Also I tried logging on as a client from closing outlook and starting again

Also tried using web mail

My iphone also

No logs entries yet
0
 
Praveen Kumar BonalaProgrammer AnalystCommented:
Restart not required,
It should create logs with out restarting IIS, please cross check once that you have enabled advanced logging option.
if same problem persist try with restarting the IIS.
0
 
Thomas GrassiSystems AdministratorAuthor Commented:
Praveen

I had to restart IIS

After restarting IIS the advancedlog file appeared with the starting records.

Will start to see client records soon I hope.

Thanks for this..

Still need a report any Logparser examples for this log file?
0
 
Praveen Kumar BonalaProgrammer AnalystCommented:
0
 
Thomas GrassiSystems AdministratorAuthor Commented:
Praveen

My logs are creating files but I see no data in the logs


#Software: IIS Advanced Logging Module
#Version: 1.0
#Start-Date: 2015-02-09 03:43:42.579
#Fields:  date time cs-uri-stem cs-uri-query s-contentpath sc-status s-computername cs(Referer) sc-win32-status sc-bytes cs-bytes X-Forwarded-For cs-username c-ip





Any thoughts?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now