Product Reviews

What's in Your IIS logs?

WebTrends can deliver information that you didn't even know you were collecting.

Most organizations will want to keep an eye on the trends in their Web server's usage. IIS excels at collecting the raw data for trend analysis: If you turn on IIS logging, it will save everything from the pages that were requested to the referring URLs to the IP addresses of the browsers that were used to access your Web site. The problem with this approach is that the raw log files have too much data for human beings to understand. An active web site can quickly pile up hundreds of megabytes or even gigabytes of logging information. How do you extract useful information from all that data?

The answer is to use a log-file analysis program. To carry out this task, I took a look at WebTrends Analysis Suite.

NetIQ's WebTrends is one of the more complex (and expensive) products in the log-file analysis market, and it includes correspondingly powerful tools. For starters, of course, WebTrends can go through your IIS logs and summarize them in many different ways. You can find out which pages were the most popular, where your traffic came from (both by referrer and by location, thanks to a built-in geographic database), which paths people take through your site, which are the most popular entry and exit pages, and more. A variety of predefined (but customizable) reports in HTML, Word, Excel and Text formats let you tailor the program's output for detailed analysis or executive overview.

WebTrends’ reporting starts with an overview of your site’s activity, but it doesn’t stop there. (Click image to view larger version.)

But WebTrends' capabilities don't stop there. It can analyze sites that are big enough to need server farms for their hosting, and track sessions that cross multiple servers. It can analyze proxy server or streaming media server log files or walk through an entire Web site (or just part of a site) looking for broken links. It can also monitor servers and alert you when they're down, or compare the content of a caching server with the original server to make sure they're synchronized. Another intriguing feature is the ability to extract part of an URL and use it to look up information in a database. E-commerce sites, for example, will find this useful for matching shopping cart activity to customer demographics.

WebTrends comes in several editions, from a simple $699 log analyzer to the full advanced Analysis Suite that runs $2,499 for the first server and $1,495 for additional servers. Although those prices may seem high, Analysis Suite will deliver just about every piece of information that can possibly be extracted from your server logs.

About the Author

Mike Gunderloy, MCSE, MCSD, MCDBA, is a former MCP columnist and the author of numerous development books.


  • Malwarebytes Affirms Other APT Attack Methods Used Besides 'Solorigate'

    Security solutions company Malwarebytes affirmed on Monday that alternative methods besides tainted SolarWinds Orion software were used in the recent "Solorigate" advanced persistent threat (APT) attacks.

  • How To Fix the Hyper-V Read Only Disk Problem

    DOS might seem like a relic now, but sometimes it's the only way to fix a problem that Windows seems ill-equipped to deal with -- like this one.

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

comments powered by Disqus