Users send and receive number of messages everyday using their Exchange account. In many situations MS Exchange administrator need the track of all emails that have been sent, received and the emails that are not received from and sent to the destination. To take such record admin needs a tool that can help them to get the log of these messages.
Ms Exchange provides a message tracking utility that is available in Exchange 2010. For this, we can use PowerShell Cmdlet Get-MessageTrackingLog to track the message log report. Admin can search for message tracking logs using PowerShell in Exchange 2010 very effectively. This article depicts method of Message Tracking log in Exchange Server 2010 using PowerShell.
What is Message Tracking?
Message tracking is way to record the detailed log of all message activity. It track all the messages transferred to and received from the system that is connected with Exchange Server.
The by default location of message tracking log file is:
“C:\ProgramFiles\Microsoft\Exchange Server\V14\Transport Roles\Logs\Message Tracking”
“C:\ProgramFiles\Microsoft\Exchange Server\V14\Transport Roles\Logs\Message Tracking”
Need of Message Tracking
The admin needs a track of message record:- For reviewing the message history or to find out all messages that organisation received from outside environment to Exchange.
- To find out what happened to the message that was sent by the specific user
- For the purpose of Data Mining
- To evaluate the Performance of Exchange
- To find out all messages sent by the user in specific range of time
Using Command Line For Tracking Messages In Exchange 2010
Using PowerShell Cmdlet for tracking the message record, admin can perform further filtering by specifying date and time ranges while using Cmdlet for message tracking. There are number of filters that admin can apply to find out the desired log result. Some of them are mentioned below:
-Start and -End
When admin wants to narrow down the log information, they can specify the range of search. By default, system keeps tracking log for 30 days.
-Event Id
It shows different status of messages or message event type. The possible values can be DELIVER, BADMAIL, FAIL, RECEIVE, SEND, SUBMIT and TRANSFER.
-Recipients
SMTP addresses of receiversSender
SMTP addresses of senders-MessageSubject
Filters the messages using subject field present in header-MessageID
Used to track messages transferred across the different mail systems-InternalMessageID
It is an integer value that is different on every Exchange Server-Server
With this parameter, admin can access the log report of separate management server-ResultSize
Using this parameter will restrict the number of output resultsFinding Messages Using Commands
- To find out messages by sender:
Get-MessageTrackingLog -sender “Seapro@xyzdomain.com” - To find out messages by sender:
Get-MessageTrackingLog -recipients “Seapro@xyzdomain.com” - To find out messages received and sent:
Get-MessageTrackingLog -sender “Seapro@xyzdomain.com” -eventID RECEIVEGet-MessageTrackingLog -sender “Seapro@xyzdomain.com” -eventID DELIVER - For further filtering user can go for Start and End time
Get-MessageTrackingLog -sender “Seapro@xyzdomain.com” -eventID DELIVER -Start “1/01/2016 5:00PM” -End “10/03/2016 10:00AM”Admin can also customize the parameters to get desired resultant log track Get-MessageTrackingLog -sender “Seapro@xyzdomain.com” -eventID DELIVER -Start “1/01/2016 5:00PM” -End “10/03/2016 10:00AM” -ResultSize 20
Conclusion
By using above mentioned commands, admin can effectively Search for Message Tracking Logs using PowerShell in Exchange 2010. This procedure of finding message tracking log using PowerShell is much simpler than using Exchange console.
Tej Pratap Shukla
ABOUT.ME Profile
ABOUT.ME Profile
Previous Blog: Remove Exchange Server 2007 After Migration to 2010/2013
0 comments:
Post a Comment
Post a reply