Analyzing Internet Information Services Server logs
Microsoft IIS Server logs provide crucial insight into the quality, performance, and usage of your file and web servers. This can help improve or optimize hosted files and web pages to ensure a seamless and positive experience for your end users. Auditing IIS Server logs helps you do the following :
- Identify all server users and learn who is attempting to log on, when, and from where.
- Track all file transactions, such as downloads, uploads, and deletions.
- Improve performance by rooting out top errors, analyzing their root causes, and resolving them.
- Secure the server by instantly responding to potential security attacks.
Auditing Microsoft IIS Server with EventLog Analyzer
- EventLog Analyzer helps you monitor the usage and important transactions of your MS IIS Server.
- Alerts instantly notify you of any potential security threats and frequently occurring errors. This will help you prevent the threats, correct the errors, and improve server performance in general.
- The correlation feature helps recognize anomalous activities.
- A collection of trend and top N reports provide interesting insight into server usage patterns.
- The reports are available in table, list, and graphical formats, with support for several graph types.
- The reports dashboard also allows administrators to drill down to the raw data.
- The product supports Microsoft IIS W3C FTP and Web Servers.
IIS Web Server top reports
- Identify most frequent access to your server, such as top visitors, operating systems, and browsers.
- Find out which pages, images, and file types are the most popular on your website.
- Become aware of the errors your users are encountering most often.
- Get a comprehensive view of server activity through trend and overview reports.
Top Users | Top Methods | Top Pages | Top Queries | Top Images | Top File Types | Top Visitors | Top Browsers | Top OS | Top Errors | Top Windows Errors | Top Hosts | IIS Server Trend | IIS Server Overview
IIS Web Server error reports
- Error reports can alert and help you understand problems that users might be facing on your website.
- Prioritizing and correcting errors continuously improves the website to ensure consistent and satisfactory user experience.
Http Status Success | Failed User Authentication | HTTP Bad Request | HTTP Payment Required | Site Access Denied | Password Change | HTTP Request URI Too Large | HTTP Request Entity Too Large | HTTP Expectation Failed | HTTP Unsupported Media Type | HTTP Locked Error | HTTP Bad Gateway | IP Address Rejected | Read Access_Forbidden | Write Access_Forbidden | Service Unavailable | Gateway Timeout | UNC Authorization Failed | Denied direct request to Global.asa | IO Operation Aborted | Web Server Restart | Web Server Busy | Information Reports | Success Reports | Redirection Reports | Client Errors | Server Errors
IIS Web Server attack reports
- Some of the most common and dangerous attacks on a web server, such as SQL injection attacks or denial of service attacks, are instantly picked from the logs and presented as reports.
- Web administrators can react immediately to protect their server's crucial and confidential data and prevent their site from going down.
SQL Injection reports | Cross site scripting reports | Malicious URL Requests | Malicious File Executions | cmd.exe and root.exe file executions | xp_cmdshell executions | Admin Resource Accessess | Denied Directory listing | DoS Attacks | Directory Traversal | Spam Mail Header
IIS FTP Server reports
- Monitor user activity through reports on successful and failed logons, password changes, and commands presented to the server. This helps you understand who is using your server and how they're doing so.
- Track file and directory operations such as file downloads and uploads, directory creation and content listing, and rename and transfer operations. Such operational insight can help you optimize file and directory structure and improve performance.
- Top N reports, such as top users and clients, and top file types uploaded and downloaded, also provide useful insight.
Logons | Failed Logons | Login attempts | File downloads | File uploads | Disconnects | File Transfer Aborts | File Deletions | Make Directories | Remove Directories | Rename Operations | List Directory Contents | Password Changes | Bad Sequence of Commands | Successful Commands | Command Syntax Errors | Transfer Incomplete due to insufficient space | Security Data Exchange | Top File Types Downloaded | Top File Types Uploaded | Top Users | Top Clients | Top Methods | Top Status | FTP Reports Overview
Centrally manage event log data from Windows devices including workstations, servers, and terminal servers to meet auditing needs. Combat security attacks with real-time alerts and event correlation.
Collect and analyze Syslog data from routers, switches, firewalls, IDS/IPS, Linux/Unix servers, and more. Get in-depth reports for every security event. Receive real-time alerts for anomalies and breaches.
Monitor and track privileged user activities to meet PUMA requirements. Get out-of-the-box reports on critical activities such as logon failures, reason for logon failure, and more.
Comply with the stringent requirements of regulatory mandates viz., PCI DSS, FISMA, HIPAA, and more with predefined reports & alerts. Customize existing reports or build new reports to meet internal security needs.
Perform in-depth forensic analysis to backtrack attacks and identify the root cause of incidents. Save search queries as alert profile to mitigate future threats
EventLog Analyzer offers log management, file integrity monitoring, and real-time event correlation capabilities in a single console that help meeting SIEM needs, combat security attacks, and prevent data breaches.
Need Features? Tell Us
If you want to see additional features implemented in EventLog Analyzer, we would love to hear. Click here to continue