IIS log files location

we What is the risk in storing IIS log files on the system drive? Is there any risk if this is only ever set for the default web/FTP sites, which aren't even used, or is it only ever a risk for a user site? we have IIS log files for both default website and other sites flagged sa located on the system drive. It is identified as a risk on many of microsofts tools/security scanners, but doesnt provide much information as to why?
LVL 4
pma111Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

systechadminConsultantCommented:
There is no risk in storing log files on system drive but log files will rapdily fill the system drive causing the space issues on System drive. you can change the log files location to other drive.
pma111Author Commented:
can you not cap the max size of the logs so they dont cause a space related issue?
systechadminConsultantCommented:
yes u can do that, that option is available in the IIS settings.
Dan McFaddenSystems EngineerCommented:
Limiting the size of the http/ftp logs will not solve a disk space consumption issue.  Limiting the size refers only to the size of the individual files not how much space the logs can take up on a partition.  IIS will watch a log file, when it hits the file size definition, it will "rollover" the log... meaning it will stop using that log file and create a new one... and so on.

If you aren't using the default web site, delete it.  If you do not use or don't want to save http logs, turn off the feature.

Otherwise, if you need to have your http logs active on your system drive, you need to do something like the following:

1. set logs to rollover daily (this is my recommendation)

do one of the following:

1. set the directory where the log files are being save, to be compressed.  Right click the directory, select properties, On the General tab click Advanced, under Compress or Encryption Attributes, check "Compress content to space disk space" option.

- or -

2. setup a scheduled task to run a script that compresses log files in the log directory.  leaving the currently active log file uncompressed.

But yes, IMO, storing any active (noisy) log files (http, ftp, smtp, etc.) on a system drive is a bad practice.  The biggest issue is that if left unmonitored, you could cause a server/service outage due to running out of space on your OS Boot drive.

Dan

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.