Configuration File

This is the core documentation used in both the IISLogs stand-alone EXE and IISLogs service component.  The provides description of ALL items stored in the configuration file that is used by IISLogs component. 

Standard Configuration Options

This section provides the core functionality of IISLogs, this will allow for entire directory structures or specific directories to have their log files be monitored.  Through configuration they can be compressed (ZIPPED) and/or deleted based on an hour-based configuration settings.  The allows for certain aged files to be compressed and after a longer timeframe be deleted.  One or both of these options can be used together or separate, the individual has complete control over this. 

MonitoredEntireDirectories – Use this setting to monitor entire directory structures, for example C:WindowsSystem32Logfiles. This means all sub-directories below this directory would be monitored.  The c:windowssystem32logfiles directory wouldn’t be monitored, ONLY the sub-directories.

MonitoredSpecificDirectories – This setting allows for specific directories to be monitored – for examples if you have URLScan installed.  You could monitor the C:WindowsSystem32inetsrvurlscan directory and no other directories in c:windowssystem32inetsrv directory.

Zipfile – This turns on this feature, the default setting is "NO".  To turn on this feature by putting "YES", either use the IISLogs configuration GUI or your favorite text editor. 

ZipRetentionPeriod – The default setting is 0 (zero), the timeframe is in hours.  If you want your log files to be compressed that are older than a certain timeframe, simply put this number.  For example, if you want all log files that are older than one week (7 days) to be compressed, put "168".  Note: If you turn on the ZIPFILE feature on and do NOT put a timeframe in, the log files won’t be compressed.

FileCompressionPolicyAgreementSigned – The File Compression Agreement is something that has to be agreed, typed or signed and dated when first configuring IISLogs to run.
To configure this, open IISLogsGUI and agree to the delete file policy, this will create a FileCompressionPolicyAgreement.txt file in the  IISLogs directory. IISLogs checks for existence for this file before zipping files. Default Value is False.

DeleteOriginalFile –  These setting is for ZIP feature, the DeleteOriginalFile Option will delete the original log file after being ZIPPED We strongly recommend you run IISLogs with DeleteOriginalFile left to FALSE until you have verified the ZIPPED file can be un-zipped, the logfile extracted and verified it’s ok. Default value – NO

DeletePolicyAgreementSigned – The Delete File Agreement is something that has to be agreed, typed or signed and dated when first configuring IISLogs to run.
To configure this, open IISLogsGUI and agree to the delete file policy, this will create a DeleteFilePolicyAgreement.txt file in the IISLogs directory. IISLogs checks for existence for this file before deleting files. Default Value is False.

Deletefile
– This turns on this feature, the default setting is "NO".  To turn on this feature by putting "YES", either use the IISLogs configuration GUI or your favorite text editor. 

DeleteRetentionPeriod – The default setting is 0 (zero), the timeframe is in hours.  If you want your log files to be deleted that are older than a certain timeframe, simply put this number.  For example, if you want all log files that are older than 30 days (7 days) to be deleted, put "720".  Note: If you turn on the DELETEFILE feature on and do NOT put a timeframe in, the log files won’t be deleted.  Another design feature of IISLogs, if both the ZipFile and DeleteFile features are being used, the DeleteFileRetentionPeriod has be at least 1 hour longer than ZipFileRetentionPeriod.

ZipFilePath – This is an advanced setting to determine where to store zip files
Three Options:
1. local (stores files in directory where log files are stored *This is the Default*

2. Another directory on local disk (I.E. D:zippedFiles such as c:myLogFilesLogs)
Note this setting needs to be formatted with trailing such as c:myLogFilesLogs"

3. UNC path \ServerShareZipFileDirectory- this is stored on a network server
Note this setting needs to be formatted with trailing such as c:Program FilesIISLogFilesLogs"

MonitorZipFilePath –
If you use option 2 or 3 and want IISLogs to monitor this directory, this setting turns this setting on.

LogDirectoryPath – This feature tells the IISLogs app where to store system log files.  The default is "c:Program FilesIISLogsConsoleApplogs"

DeleteLogFileName – used by System (Please do not change)

DetailLogFileName – used by System (Please do not change)

ErrorLogFileName – used by System (Please do not change)

SummaryLogFileName – used by System (Please do not change)

DetailFileLogging – This feature turns on detail file logging – Default is "YES" – To turn off just put "NO"

Delimiter – This allows for different delimiters that are using in the SYSTEM logging files. Currently the ONLY tested and supported delimiter is "!" (bang). Other delimiters will be determined in the future.

ConsoleWriteLineToScreen – This feature is ONLY used in the stand-alone EXE version of IISLogs.  This will write the directories and files being processed to the command window.  The default setting is "NO".

ServiceInterval – This setting is ONLY used if your using the Service version of IISLogs –  This is setting can be configured to allow IISLogs service component to run in time exact The default is 3 AM, if your going to add more than one time to run the IISLogs process, Here is an example of how to enter multiple entries either using the IISLogs configuration GUI or favorite text editor. 

        Example of single entry

        <add key="ServiceInterval" value="03:00:00 AM"></add>–>

        Example of multiple entries

        <add key="ServiceInterval" value="12:00:00 AM,06:00:00 PM,12:00:00 PM,06:00:00 AM"></add>–>

        Note: This needs to be in HH:MM:SS PM or HH:MM:SS AM, AND there needs to be space between the SS and PM or AM.

ServiceName – this key only pertains to Windows Service version, it ONLY stores the name of the service.  It is a static value, its used by the system (Please don’t change) – It will only be in the configuration file for the Windows Service version.

CompressionLevel – Depending on what Compression utility IISLogs is using.  These values can vary, for v1.0 this can be from Low, Med, High, None.

ProcessLOG – This setting handles zipping .LOG files – Default value is True

ProcessZIP
– This setting handles zipping .ZIP files – Default value is True

ProcessTXT
– This setting handles zipping .TXT files – Default value is False

ProcessBAK
– This setting handles zipping .BAK files , Note 4 gig files and larger aren’t supported.  Default value is False

ProcessDAT
– This setting handles zipping .DAT files – Default value is False

ProcessBAD
– This setting handles zipping .BAD files – Default value is True

ProcessBDP
– This setting handles zipping .BDP files – Default value is True

ProcessBDR
– This setting handles zipping .BDR files – Default value is True

LogHeaderLine1
– used by the System (Please don’t change)

LogHeaderLine2 – used by the System (Please don’t change)

LogHeaderLine3 – used by the System (Please don’t change)

DeleteLogFileNameFields – used by the System (Please don’t change)

DetailLogFileNameFields – used by the System (Please don’t change)

ErrorLogFileNameFields – used by the System (Please don’t change)

SummaryLogFileNameFields – used by the System (Please don’t change)

FileLoggingAge – This setting provides how long files that are stored in C:Program FilesIISLogsLogs directory – Default is 7 days.

PurgeArchiveLogsAge – This setting provides how long archive Log files are retained.  Default value is 14 days.


SMTP Configuration options

This feature ONLY will allow for monitoring the SMTP directories, normally under C:InetpubMailroot directory. This is a separate feature from IISLOGS and won’t ZIP files, files with extensions .BAD,.BDR,.BDP will ONLY be allowed to be deleted in the configured directories–>

ProcessSmtpSVCDirectories – Added security and ease of use to either this feature on or off –. The default is OFF

SmtpSVCDirectories – This setting provides where the SMTP service directories are.  The default values are the same as the default directories when the IIS SMTPSVC is installed – The following directories are = "C:InetpubmailrootBadmail,C:InetpubmailrootDrop"

SmtpDeleteRetentionPeriod –  This setting provides a configurable hour-based setting when these files should be deleted. Note: Files ARE NOT zipped they are ONLY deleted.  – The Default value="0"


Delete Specific directories ONLY configuration options

This is a separate feature from IISLOGS, ONLY will DELETE files. This is feature to have the ability have some directories that  are configured to zip and delete and others to have the option to JUST delete after a separate configurable delete parameter, just put a comma deleted list of  directories to have their log files deleted separate from IISLogs core functionality I.E.(C:LogfileDir1,C:LogfileDir2,C:LogfileDir3) NO SPACES please.

ProcessDelOnlySpecificDirectories – Added security and ease of use to either this feature on or off –. The default is OFF

DelOnlySpecificDirectories – This setting is where specific directories are put.  I.E.(C:LogfileDir1,C:LogfileDir2,C:LogfileDir3) NO SPACES please.

DelOnlySpecificRetentionPeriod – Provide an hour-based period of time to delete files specific in the DelOnlySpecificDirectories.

DelOnlySpecificAttribute Default value="LastWriteTime – This key determines which file attribute will determine the Delete Date of the file by default IISLogs keys off the LastWriteDate file attribute to determine how old a file is. IISLogs can also parse the default IISLogs filename exYYMMDD.log (it’ll parse out YYMMDD and subtract against DelOnlyRetentionPeriod key, if the file age whatever attribute is used will delete the file or not. The two values that need to be here are "LastWriteTime" (default) and FileName (this is case sensative)–>
 


Email configuration options

SendMailReport – The will send an email to a single email address to receive a summary report everytime IISLogs runs.  the Default value is value="NO">. v1.0 provides a summary report similiar to this.

Subject
Here is a daily IISLogs report for computer: WEBBOX
 
Body
Number of Directories Processed: 285
Total Number Files: 6750
Total Number Files Changed: 2
Size Before Processing: 141249
Size After Procesing: 141247
Start Time: 8/1/2023 5:59:42 PM
Finish Time: 8/1/2023 7:09:43 PM

From – If your going to send email from is required, this is required to be in [email protected] format

To – This will send to ONE email address, this can be a single email address or a distribution group.  This is required to be in [email protected] format

mailServer – This is a unique value and requires some understanding- The default value is "LOCALHOST",  IISLogs assumes the SMTPSVC is installed on the same computer as IISLogs is running and configured to send email to either a smarthost or directly out to the Internet.  Another feature is, if your company runs an internal open relay server (no authentication required), you can just put your relay server here and the report would be sent (i.e. relayserver.yourCompany.com) and not have to specify credentials to send the report.  However, if required to authenticate to the relay server (good idea to do this and NOT run an open relay server!), you would also would be required to fill in mailUID and mailPWD configuration settings with valid credentials for authentication.

mailPort – This allows for sending emails that have computers that run the SMTP service on other tcp ports than 25.  the default value="25"

Mail Subject – This is the Subject that will show in the in the email.

*********************** (Optional************************

Mail Authenication (Optional) – This provides an optional method to send credentials when sending an IISLogs report.  If the relay server your sending update to doesn’t require an ID/PWD just leave this option blank.

Mail User ID – This allows for sending proper user id when sending email to remote systems requiring authentication.  It would be used in conjunction with mailServer and mailPWD configuration settings. – The default settings are ignored if not correct and will log errors in the error log and/or Application event log.

Mail Password – This allows for sending proper password when sending email to remote systems requiring authentication.  It would be used in conjunction with mailServer and  configuration settings. – The default settings are ignored if not correct and will log errors in the error log and/or Application event log.

Retype Password – Retype the email password

EVENTLOG configuration options

This features will write an message to the local computers Application EventLog, for IISLogs v1.0 error logging happens in both the Windows Event Log and errorDetail log file located in C:Program FilesIISLogsLogs directory.   Future logging options will be researched.

UseEventLog – This feature allows for IISLogs to have the capability to write to the computers EventLog or not.  the default value is "YES".

File Naming Convention configuration options

Naming – This stores the optional custom file naming convention.

%M% (Month in single digit),%MM% (Month in double digit),%MMMM% (In word format)
%D% (Day in single digit),%DD% (Day in double digit),%DDDD% (In word format)
%YY% (In two-digit year format), %YYYY% (In four year digit)
 

Default Configuration File

This is default configuration file available when IISLogs is installed, by default all OPTIONS are turned off and need to be turned by whoever is responsible for configuring your computer systems.
 

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <appSettings>
    <!--***********************************************************-->
    <!--Begin standard configuration.  This section provides the core functionality of IISLogs, this will allow for 
			entire directory structures or specific directories to have their log files be monitored.  Through 
			configuration they can be compressed (ZIPPED) and/or deleted based on an hour-based configuration settings.  
			The allows for certain aged files to be compressed and after a longer timeframe be deleted.  
			One or both of these options can be used together or separate, the individual has complete control over this.
			MonitoredEntireDirectories uses a recursive formula when files contain .log and .zip files it'll be monitoried.  
			MonitoriedSpecificDirectories reads the metabase and keeps a pointer directly to the file that the website reads too.
			-->
    <add key="MonitoredEntireDirectories" value="">
    </add>
    <add key="MonitoredSpecificDirectories" value="">
    </add>
    <!--24 hours = 1 days, 168 hours = 1 week, 336 hours = 2 weeks, 3 weeks = 504 hours, 672 hours = 4 weeks
			This setting needs to be at least one hour LESS than the DeleteRetentionPeriod Configurationsettings-->
    <add key="ZipFile" value="False">
    </add>
    <add key="ZipRetentionPeriod" value="0">
    </add>
    <!--The Delete Agreement is something that has to be agreed, typed or signed and dated when first configuring IISLogs to run.  
			To configure this, open IISLogsGUI and agree to the delete file policy, this will create a deleteagreement.txt file in the 
			IISLogs directory.  IISLogs checks for existance for this file before Deleting any files related to ZIP or delete options.-->
    <add key="FileCompressionPolicyAgreementSigned" value="False">
    </add>
    <!--These setting is for ZIP feature, the DeleteOriginalFile Option will delete the original log file after being ZIPPED
			We strongly recommend you run IISLogs with DeleteOriginalFile left to FALSE until you have verified the ZIPPED file can be un-zipped, the logfile
			extracted and verified it's ok.  
			-->
    <add key="DeleteOriginalFile" value="False">
    </add>
    <!--The Delete Agreement is something that has to be agreed, typed or signed and dated when first configuring IISLogs to run.  
			To configure this, open IISLogsGUI and agree to the delete file policy, this will create a deleteagreement.txt file in the 
			IISLogs directory.  IISLogs checks for existance for this file before Deleting any files related to ZIP or delete options.
		-->
    <add key="DeletePolicyAgreementSigned" value="False">
    </add>
    <!--This setting needs to be at least one hour MORE than the ZipRetentionPeriod Configurationsettings
			OR Make the setting Zero to disabled.	
			**PLEASE READ : Careful consideration should be done to insure your not deleting files that shorter than your 
			companies file retention period settings. When in doubt, verify with the correct individuals to insure
			this setting is correct, IISLogs assumes NO responsibility for files deleted and later required for any proceedings
			including legal ones. When in doubt, TURN THIS FEATURE OFF**.-->
    <add key="DeleteFile" value="False">
    </add>
    <add key="DeleteRetentionPeriod" value="0">
    </add>
    <!--This is an advanced setting to determine where to store zip files
			Three Options:
			1. local (stores files in directory where log files are stored *This is the Default*
			2. Another directory on local disk (I.E. D:zippedFiles  such as c:myLogFilesLogs)
			Note this setting needs to be formatted with trailing  such as c:myLogFilesLogs"
			3. UNC path \ServerShareZipFileDirectory- this is stored on a network server
			Note this setting needs to be formatted with trailing  such as \ServerNameShareDir"-->
    <add key="ZipFilePath" value="local">
    </add>
    <add key="MonitorZipFilePath" value="False">
    </add>
    <!--Note this setting needs to be formatted with trailing slash  such as C:Program FilesIISLogsEXELogs"-->
    <add key="LogDirectoryPath" value="">
    </add>
    <add key="DeleteLogFileName" value="deleteLogging">
    </add>
    <add key="DetailLogFileName" value="detailLogging">
    </add>
    <add key="ErrorLogFileName" value="errorLogging">
    </add>
    <add key="SummaryLogFileName" value="summaryLogging">
    </add>
    <add key="DetailFileLogging" value="True">
    </add>
    <add key="Delimiter" value="!">
    </add>
    <add key="ConsoleWriteLineToScreen" value="True">
    </add>
    <!--This is measured in time exact <add key="ServiceInterval" value="12:00:00 AM,06:00:00 PM,12:00:00 PM,06:00:00 AM"></add>-->
    <!--The default is 3 AM, however if your going to add more than one time to run the IISLogs process, put it in the format above -->
    <!--Needs to be in HH:MM:SS PM or HH:MM:SS AM, there needs to be space in the time-->
    <add key="ServiceInterval" value="03:00:00 AM">
    </add>
    <!--<add key="ServiceName" value="IISLogs"></add>-->
    <!--This has four options, None, Low, Med, High-->
    <add key="CompressionLevel" value="Med">
    </add>
    <!--End standard configuration -->
    <!--***********************************************************-->
    <!--***********************************************************-->
    <!--Begin Log Header Information
			The section handlers what will be displayed at the top of the summary, normal and error log files"
			Don't change these settings, they are needed for log files to be properly formatted-->
    <add key="LogHeaderLine1" value="#Software: IISLogs Log Component">
    </add>
    <add key="LogHeaderLine2" value="#Version: 1.0">
    </add>
    <add key="LogHeaderLine3" value="#Date:">
    </add>
    <add key="DeleteLogFileNameFields" value="LogPrimaryKey!dateTime!directoryName!numberOfFileDeleted!TimeStarted!TimeFinished!ComputerName">
    </add>
    <add key="DetailLogFileNameFields" value="LogPrimaryKey!dateTime!directoryName!totalBytesInDirectory!fileName!creationTime!extension!fullName!lastWriteTime!length!fileStatus!ComputerName">
    </add>
    <add key="ErrorLogFileNameFields" value="LogPrimaryKey!dateTime!functionName!errMessage!errSource!errStackTrace!ComputerName">
    </add>
    <add key="SummaryLogFileNameFields" value="LogPrimaryKey!dateTime!directoryName!TotalNumberFiles!TotalNumberFilesChanged!SizeBeforeProcessing!SizeAfterProcesing!TimeStarted!TimeFinished!ComputerName">
    </add>
    <!--This setting determines how long before log files turnover-->
    <add key="FileLoggingAge" value="7">
    </add>
    <add key="purgeArchiveLogsAge" value="14"></add>
    <!--End Log Header Information-->
    <!--***********************************************************-->
    <!--***********************************************************-->
    <!--Begin SMTP configuration
			This feature ONLY will allow for monitoring the SMTP directories, normally under C:InetpubMailroot directory
			This is a separate feature from IISLOGS and won't zip files, ONLY will DELETE files
			ONLY files with extensions of .BAD,.BDR,.BDP will be allowed to be deleted in these directories
			**PLEASE READ : Careful consideration should be done to insure your not deleting files that shorter than your 
			companies file retention period settings. When in doubt, verify with the correct individuals to insure
			this setting is correct, IISLogs assumes NO responsibility for files deleted and later required for any proceedings
			including legal ones. When in doubt, TURN THIS FEATURE OFF**.-->
    <add key="ProcessSmtpSVCDirectories" value="False">
    </add>
    <add key="SmtpSVCDirectories" value="C:InetpubmailrootBadmail,C:InetpubmailrootDrop">
    </add>
    <add key="SmtpDeleteRetentionPeriod" value="0">
    </add>
    <!--End SMTP configuration -->
    <!--***********************************************************-->
    <!--***********************************************************-->
    <!--Begin Delete Only Directory configuration			
			This is a separate feature from IISLOGS, ONLY will DELETE files.
			This is feature to have the ability have some directories that 
			are configured to zip and delete and others to have the option to JUST delete
			after a separate configurable delete parameter, just put a comma deleted list of 
			directories to have their log files deleted separate from 
			IISLogs core functionality I.E.(C:LogfileDir1,C:LogfileDir2,C:LogfileDir3) NO SPACES. 
			**PLEASE READ : Careful consideration should be done to insure your not deleting files that shorter than your 
			companies file retention period settings. When in doubt, verify with the correct individuals to insure
			this setting is correct, IISLogs assumes NO responsibility for files deleted and later required for any proceedings
			including legal ones. When in doubt, TURN THIS FEATURE OFF**.-->
    <add key="ProcessDelOnlySpecificDirectories" value="False">
    </add>
    <add key="DelOnlySpecificDirectories" value="">
    </add>
    <add key="DelOnlySpecificRetentionPeriod" value="0">
    </add>
		<!--This key determines which file attribute will determine the Delete Date of the file
			by default IISLogs keys off the LastWriteDate file attribute to determine how old a file is.  
			IISLogs can also parse the default IISLogs filename exYYMMDD.log (it'll parse out YYMMDD
			and subtract against DelOnlyRetentionPeriod key, if the file age whatever attribute is used
			will delete the file or not.  The two values that need to be here are "LastWriteTime" (default) and 
			FileName (this is case sensative)-->
    <add key="DelOnlySpecificAttribute" value="LastWriteTime">
    </add>
    <!--End Delete Only Directory configuration -->
    <!--***********************************************************-->
    <!--***********************************************************-->
		<!--Begin Email Only Directory configuration-->
		<!--If you want to receive a daily email report, chose YES otherwise say NO. 
			**PLEASE READ : Careful consideration should be done to insure your servers are NOT 
			configured to be exploited by mass-mailers**.-->
    <add key="SendMailReport" value="False">
    </add>
    <add key="From" value="[email protected]">
    </add>
    <add key="To" value="[email protected]">
    </add>
    <add key="mailServer" value="localhost">
    </add>
    <add key="mailPort" value="25">
    </add>
    <add key="mailSubject" value="IISLog Report">
    </add>
    <add key="mailUID" value="c2VjdXJlSURAQ2hhbmdlVGhpc0lJU0xvZ3MuY29t">
    </add>
    <add key="mailPWD" value="Q0hBTkdFVEhJUw==">
    </add>    
    <add key="EnableMailAuth" value="False"></add>
    <!--End Email Only Directory configuration-->
    <!--***********************************************************-->
    <!--***********************************************************-->
		<!--Begin EVENTLOG configuration -->
		<!--This writes an informational message to the local computers Application eventlog-->
    <add key="UseEventLog" value="True">
    </add>
    <!--End EVENTLOG configuration entries-->
    <!--***********************************************************-->
    <add key="Naming" value="Default" />
  </appSettings>
</configuration>