Product Reviews

Keep an Eye on Your Web Site in Real Time

IISTracer helps spot questionable activity fast.

If you'd like to monitor your Web site in real time, take a look at PSTRUH Software's IISTracer (see Figure). IISTracer is an ISAPI (Internet Services API) library that you load directly on your IIS server. If you're not familiar with ISAPI, this is a technology that gives you a chance to "hook" requests to your server before IIS processes them. An ISAPI DLL can either modify the HTTP requests (or even throw them away if they're deemed too dangerous to process) or pass them on intact to the rest of IIS.

IISTracer only looks at requests, without changing them. It sits unobtrusively in the background, monitoring traffic and displaying the current activity on screen. You can configure a variety of options, including a threshold for long-running requests so that the monitoring screen will show only files that are taking a long time to deliver. This can be an excellent way to find files on your site that are causing a performance problem. You can also log problem activity for future analysis.

In addition to giving you a feel for the patterns of activity on your server, IISTracer can be an effective way to spot an attack in progress. Spotting the pattern of unusual URLs sent by Code Red or a bunch of long-running connections in a denial-of-service attack may let you take immediate corrective action. Screentips on the IISTracer display even show you the HTTP headers sent to your server, so you can see which browsers your customers are using or which sites are sending traffic your way.

IISTracer provides real-time Web site monitoring, including a look at recently delivered pages and the HTTP headers that retrieved them. (Click image to view larger version.)

In my tests, IISTracer worked well and did exactly what it was advertised to do. I ran it on a live Web server, and from the outside you couldn't tell that anything was different. But from the inside, I suddenly had much more diagnostic information at my fingertips.

About the Author

Mike Gunderloy, MCSE, MCSD, MCDBA, is a former MCP columnist and the author of numerous development books.


  • Azure Active Directory ID Protection 'Refresh' Now Available

    Microsoft's enhancements to the Azure Active Directory Identity Protection service are now said to be "generally available" (GA), or ready for commercial use, per a Wednesday announcement.

  • Microsoft Releases Windows 10 Version 1909

    Microsoft on Tuesday announced the release of Windows 10 version 1909, a new operating system product that's also known as the "Windows 10 November 2019 Update."

  • November Microsoft Security Bundle Addresses 75 Vulnerabilities

    Of that number, 13 vulnerabilities are rated "Critical" to patch, while 62 vulnerabilities are deemed "Important."

  • The Future of Office 365 Pricing

    With a raft of new Office 365 features in the pipeline, Microsoft also seems ready to change the way it bills its subscribers. Will it replicate Azure's pay-per-use model, or will it look like something else entirely?

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.