LogParser and Exchange


This is the format of a row of the Exchange 2010 message tracking log that is returned with logparser:

 

 

date-time                         2012-12-03T14:06:38.525Z

client-ip                         169.154.6.248

client-hostname                   exch01.heerwegh.ch

server-ip                         10.124.255.231

server-hostname                   exch01

source-context                    08CF9263458C8006

connector-id

source                            STOREDRIVER

event-id                          RECEIVE

internal-message-id               85232297

message-id                        <1687A6D209FA5E4DAB05BD69DCDDD77BF5EA1F@mail.heerwegh.ch>

recipient-address                 address1@heerwegh.com;address2@heerwegh.com

recipient-status                  To;Bcc

total-bytes                       38232

recipient-count                   2

related-recipient-address

reference

message-subject                   RE: this is a test message

sender-address                    test@heerwegh.com

return-path                       olivier@heerwegh.com

message-info                      04I:

directionality                    Originating

tenant-id

original-client-ip                10.28.155.125

original-server-ip                10.124.255.73

custom-data                       S:PurportedSender=olivier@heerwegh.com;S:MailboxDatabaseGuid=6dd5c3-8d7b-4ab3-b174-2c29e0ed7e01;S:ItemEntryId=00-00-00-00-37-66-8B-A6-D2-37-76-4C-9C-89-A4-BC-7D-25-09-FA-07-00-16-87-A6-D2-09-FA-5E-4D-AB-05-BD-69-DC-CF-D7-7B-00-00-00-F3-0C-FD-00-00-16-87-A6-D2-09-FA-5E-4D-AB-05-BD-69-DC-CF-D7-7B-00-00-00-F5-CD-C2-00-00