RSS

Exchange Log Analyzer

02 Feb

对于一个大型Exchange 组织而言,如何获取服务器,邮件的信息就显得非常重要的了。诚然世界上有很多公司都推出了Exchange相关的产品,但是那是收费的。于是,一款开源的软件Exchange Log Analyzer 应运而生了。

查看位置:http://code.msdn.microsoft.com/ExLogAnalyzer

目前,还没有太多的教程或者文档出现。我也只是简单的研究了一下。

需要注意:

Exchange Log Analyzer可以帮你整理出报表,但是不会帮你做出图表,你需要有一定的excel作图功能的了解。

Exchange Log Analyzer可以进行多服务器的日志处理,但是规模太大的环境下会有性能问题。

Exchange Log Analyzer目前只能提供一定量的日志,无法完全保证能适合你。

 

以下是简单的使用说明,英文版本:

1- unzip the zip file to D:\ExLogAnalyzer

2- create folder D:\ExLogAnalyzer\reports

3- install graphviz-2.26.3.msi which include in http://graphviz.org/ (31.2MB) at D:\ExLogAnalyzer\graphviz

4- modify the ExLogAnalyzer.exe.config like below

<?xml version="1.0" encoding="utf-8" ?>

<configuration>

<appSettings>

<!– GENERAL: PATHS –>

<add key="OutputPath" value="D:\ExLogAnalyzer\reports" />

<!– GENERAL: DATE RANGE, e.g. 2009-05-08T00:12:46.955Z –>

<add key="StartTimeUtc" value="" />

<add key="EndTimeUtc" value="" />

<add key="StartTimeLocal" value="" />

<add key="EndTimeLocal" value="" />

<!– GENERAL: AdhocAnalyzersPath – if empty, then use the current directory and ExLogAnalyzer directory –>

<add key="AdhocAnalyzersPath" value="D:\ExLogAnalyzer" />

<!– TOOLS: GraphViz Binary Path – http://graphviz.org/ – e.g. "c:\Program Files (x86)\Graphviz2.24\bin" –>

<add key="DotApplicationPath" value="D:\ExLogAnalyzer\graphviz\bin" />

<!– SMTP RECEIVE –>

<add key="SmtpInputPath" value="" />

<add key="SmtpReceiveFormatterLogAnalyzerEnabled" value="true" />

<add key="SmtpReceiveSeparatorLogAnalyzerEnabled" value="true" />

<add key="SmtpReceiveWorkLoadLogAnalyzerEnabled" value="true" />

<add key="SmtpReceiveSessionIndexLogAnalyzerEnabled" value="true" />

<add key="SmtpReceiveDelayedAckLogAnalyzerEnabled" value="true" />

<add key="SmtpReceiveDelayedAckLogAnalyzerGenerateDetails" value="true" />

<add key="SmtpReceiveDelayedAckLogAnalyzerSummaryStepDuration" value="00:10:00" />

<!– MESSAGE TRACKING –>

<add key="MsgTrkInputPath" value="" />

<add key="MsgTrkEventFrequencyLogAnalyzerEnabled" value="true" />

<add key="MsgTrkReceiveLogAnalyzerEnabled" value="true" />

<add key="MsgTrkTopSendersByDeliverLogAnalyzerEnabled" value="true" />

<add key="MsgTrkTopSendersBySubmitLogAnalyzerEnabled" value="true" />

<add key="MsgTrkDuplicateDeliveryLogAnalyzerEnabled" value="true" />

<add key="MsgTrkExpandLogAnalyzerEnabled" value="true" />

<add key="MsgTrkMessageSizeDistributionLogAnalyzerEnabled" value="true"/>

<add key="MsgTrkRecipientNotFoundLogAnalyzerEnabled" value="true" />

<add key="MsgTrkEventTimeDistributionLogAnalyzerEnabled" value="true" />

<add key="MsgTrkTopRecipientLogAnalyzerEnabled" value="true" />

<add key="MsgTrkComponentLatencyPercentileLogAnalyzerEnabled" value="true" />

<add key="MsgTrkComponentLatencyPercentileLogAnalyzerPercentiles" value="10,20,50,80,90" />

<add key="MsgTrkComponentLatencyPercentileLogAnalyzerTimes" value="1,2,5,8,9" />

<add key="MsgTrkMailflowVisualizerLogAnalyzerEnabled" value="true" />

<!– CONNECTIVITY –>

<add key="ConnectivityInputPath" value="" />

<add key="ConnectivityStatsLogAnalyzerEnabled" value="true" />

<add key="ConnectivityFormatterLogAnalyzerEnabled" value="true" />

<add key="ConnectivityWorkLoadLogAnalyzerEnabled" value="true" />

<add key="ConnectivityWorkLoadLogAnalyzerStepDuration" value="00:01:00" />

</appSettings>

<system.codedom>

<compilers>

<compiler

language="c#;cs;csharp"

extension=".cs"

type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">

<providerOption name="CompilerVersion" value="v3.5" />

</compiler>

</compilers>

</system.codedom>

</configuration>

5- run D:\ExLogAnalyzer>ExLogAnalyzer.exe –msgtrkinputpath " \\hub01\d$\ServerLogs\ExchangeLog\MessageTracking "
if you want add more logpath, please use

" \\hub01\d$\ServerLogs\ExchangeLog\MessageTracking ; \\hub02\d$\ServerLogs\ExchangeLog\MessageTracking " between different UNC you just need a semicolon.

6- get reports at D:\ExLogAnalyzer\reports, there will be 3 new folders with report csv files you can get what you want.

以下是我自己做的一个图,显得很粗糙

Advertisements
 
Leave a comment

Posted by on February 2, 2010 in Exchange Server

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: