IT tutorials
 
Applications Server
 

Exchange Server 2013 Management and Maintenance Practices (part 5) - Message Tracking

12/22/2014 8:02:09 PM
- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

Message Tracking

Of the auditing techniques available in Exchange Server, message tracking is by far the least resource intensive and will likely be the most commonly used by administrators. Because this feature has proven so valuable in previous versions of Exchange Server, Microsoft has enabled it by default in Exchange Server 2013. Previously, message tracking was disabled by default and had to be enabled on a server-by-server basis.

Administrators can use message tracking logs for message forensics, reporting, and troubleshooting, as well as analyzing mail flow in an organization.

Message tracking records the SMTP transport activity of all messages sent to or from any Exchange Server 2013 Hub Transport service, Edge Transport service, or Mailbox server.

To perform these procedures on a computer with the Hub Transport service or Mailbox server role installed, administrators must be logged on using an account that is a member of the Exchange Administrators group. The account must also be a member of the local Administrators group on that computer. For a computer with the Edge Transport server role installed, administrators must be logged on using an account that is a member of the local Administrators group on that computer.

Enabling or Disabling Message Tracking

As previously stated, by default, message tracking is enabled on all Exchange Server 2013 computers that deal with message transport. This includes Hub Transport service, Edge Transport service, and Mailbox servers. Message tracking can prove to be extremely useful, and administrators should avoid disabling the feature unless there are overwhelming reasons.

The message tracking is set via command line. All commands must be run from the Exchange Management Shell. As in other shell commands, the <Identity> argument is replaced by the server name. To enable the feature, use the $true argument, and to disable it, use $false.

To enable or disable message tracking on a Hub Transport service or Edge Transport server:

Set-TransportServer <ServerName> -MessageTrackingLogEnabled:[$true or $false]

To enable or disable message tracking on a Mailbox server:

Set-MailboxServer <ServerName> -MessageTrackingLogEnabled:[$true or $false]

Sample command: To disable message tracking on a Mailbox server named Server1, use the following command:

Set-MailboxServer Server1 –MessageTrackingLogEnabled:$false

Changing the Location of Message Tracking Logs

Exchange Server 2013 allows administrators to specify the location of the message tracking logs. The new location becomes effective immediately upon the completion of the command; however, any existing log files are not copied to the new directory—they will remain in the old directory.

By default, these files are located in the C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\MessageTracking directory.

When creating a new directory, the following permissions are required:

Administrator—Full Control

System—Full Control

Network Service—Read, Write, and Delete Subfolders and Files

The location can be set on the properties of the Hub Transport service or Edge Transport server in the Exchange Administration Center using the procedure previously described. To change the default location for these log files via command line, use the following commands in the Exchange Management Shell:

Change message tracking log file location for a Hub Transport server or an Edge Transport server:

Set-TransportServer <ServerName> -MessageTrackingLogPath <LocalFilePath>

Change message tracking log file location for a Mailbox server:

Set-MailboxServer <ServerName> -MessageTrackingLogPath <LocalFilePath>

Sample command: To change the location of the message tracking log to D:\Message Tracking on an Exchange Server 2013 Hub Transport server named Server1, use the following command:

Set-TransportServer Server1 –MessageTrackingLogPath "D:\Message Tracking"

Configuring Message Tracking Log File and Log Directory Maximum Size

To prevent log files from growing so large that they deplete all available disk space, Exchange Server 2013 allows administrators to configure maximum log file and directory sizes. This configuration setting is a per-server setting and, by default, the maximum directory size is 250MB, whereas the maximum log file size is 10MB. When the maximum file size is reached, Exchange Server opens a new log file. When the maximum directory size is reached, Exchange Server overwrites the log files, starting with the oldest logs first.

To configure message tracking log directory and file sizes, use the following commands in the Exchange Management Shell. This cannot be done with the Exchange Administration Center. Be aware, these commands must be performed for each server you want to modify. The <DirectorySize> and <FileSize> arguments should be entered as a number followed by one of the following:

• B (bytes)

• KB (kilobytes)

• MB (megabytes)

• GB (gigabytes)

• TB (terabytes)

Change maximum size for message tracking log directory on a Hub Transport service or Edge Transport server:

Set-TransportServer <ServerName> -MessageTrackingLogMaxDirectorySize
<DirectorySize>

Change maximum size for message tracking log directory on a Mailbox server:

Set-MailboxServer <ServerName> -MessageTrackingLogMaxDirectorySize <DirectorySize>

Change maximum size for individual message tracking log files on a Hub Transport service or Edge Transport server:

Set-TransportServer <ServerName> -MessageTrackingLogMaxFileSize <FileSize>

Change maximum size for individual message tracking log files on a Mailbox server:

Set-MailboxServer <ServerName> -MessageTrackingLogMaxFileSize <FileSize>

Sample command: To set the maximum size for the message tracking log directory on a Hub Transport service server named Server1 to 500MB, use the following command:

Set-TransportServer Server1 –MessageTrackingLogMaxDirectorySize 500MB

Configuring the Maximum Age for the Message Tracking Logs

In addition to having the ability to configure the maximum file and directory sizes for message tracking logs, administrators can also configure a maximum age for each message tracking log file. The default age is set to 30 days, and any log files that exceed this age are deleted by Exchange Server.

To change the maximum age of message tracking log files, use the following commands in the Exchange Management Shell. This cannot be done with the Exchange Administration Center. The <Age> argument is entered in the following format: DD.HH:MM:SS, for days, hours, minutes, seconds.

Change maximum age for the message tracking log files on a Hub Transport service or Edge Transport server:

Set-TransportServer <ServerName> -MessageTrackingLogMaxAge <Age>

Change maximum age for the message tracking log files on a Mailbox server:

Set-MailboxServer <ServerName> -MessageTrackingLogMaxAge <Age>

Sample command: To set the maximum age of the message tracking log files on an Exchange Server 2013 Mailbox server named Server1 to 45 days, use the following command:

Set-MailboxServer Server1 –MessageTrackingLogMaxAge 45.00:00:00
 
Others
 
- Exchange Server 2013 Management and Maintenance Practices (part 4) - SMTP Logging
- Exchange Server 2013 Management and Maintenance Practices (part 3) - Auditing the Environment
- Exchange Server 2013 Management and Maintenance Practices (part 2) - Remote Connectivity Analyzer
- Exchange Server 2013 Management and Maintenance Practices (part 1) - Maintenance Tools for Exchange Server 2013
- Microsoft Sharepoint 2013 : Administering Sharepoint with Windows Powershell - Basic PowerShell Usage (part 3) - Controlling Output
- Microsoft Sharepoint 2013 : Administering Sharepoint with Windows Powershell - Basic PowerShell Usage (part 2) - PowerShell Help , PowerShell Variables
- Microsoft Sharepoint 2013 : Administering Sharepoint with Windows Powershell - Basic PowerShell Usage (part 1) - Listing the SharePoint Commands
- Microsoft Sharepoint 2013 : Administering Sharepoint with Windows Powershell - Commands
- Microsoft Sharepoint 2013 : Microsoft SharePoint 2013 Management Shell and Other Hosts
- Microsoft Lync Server 2013 : Dependent Services and SQL - Server Certificates - Installing Lync Certificates
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- Is possible to just to use a wireless router to extend wireless access to wireless access points?
- Ruby - Insert Struct to MySql
- how to find my Symantec pcAnywhere serial number
- About direct X / Open GL issue
- How to determine eclipse version?
- What SAN cert Exchange 2010 for UM, OA?
- How do I populate a SQL Express table from Excel file?
- code for express check out with Paypal.
- Problem with Templated User Control
- ShellExecute SW_HIDE
programming4us programming4us