IIS ETW logs diagnostic
This article introduces the Microsoft Internet Information Services (IIS) Event Tracing for Windows (ETW) logs diagnostic collects various IIS-related logs.
Original product version: Internet Information Services
Original KB number: 2697604
Summary
This IIS ETW logs diagnostic collects various related logs, event logs, and allows the user to capture an IIS ETW trace log. The following tables list collected information.
Operating system
Description |
---|
Machine Name: OS Name: Last Reboot/Uptime: AntiMalware: User Account Control: Username: |
Computer system
Description |
---|
Computer Model: Processor(s): Machine Domain: Role: |
Event log files
Description | File Name |
---|---|
Application Event Log | {Computername}_evt_Application.evtx |
System Event Log | {Computername}_evt_System.evtx |
Security Event Log | {Computername}_evt_Security.evtx |
IIS Configuration Administrative Event Log | {Computername}_evt_IISConfiguration-Administrative.evtx |
IIS Configuration Operational Event Log | {Computername}_evt_IISConfiguration-Administrative.evtx |
IIS log files
Description | File Name |
---|---|
Http Error Logs | {Computername}_HttpErrorLogs.zip |
IIS Log Files | {Computername}_IISLogs.zip |
IIS/HTTP ETW Log | {Computername}_IISEtwLogFiles.zip |
Installation setup logs for IIS
Description | File Name |
---|---|
IIS Setup Log | {Computername}_IIS7.log |
CBS Setup Log | {Computername}_CBS.log |
More information
If the user selects to collect an IIS/HTTP ETW log, the IIS ETW logs diagnostic will enable an IIS ETW Trace named IIS ETW SDP Trace. The diagnostic will automatically stop this trace when the user is clicks next while the trace is running. If the user clicks Cancel, they should stop the trace with the following command from an Administrative command prompt:
LogMan.exe stop "IIS ETW SDP Trace" -ets
References