Flat File - Microsoft IIS W3C File
Device Details
| Device Name | Microsoft IIS W3C File |
| Vendor | Microsoft |
| Device Type | IIS W3C File |
| Supported Model Name/Number | N/A |
| Supported Software Version | N/A |
| Collection Method | Flat File |
| Configurable Log Output | N/A |
| Log Source Type | Flat File - Microsoft IIS W3C File |
| Log Processing Policy | LogRhythm Default V 2.0 |
| Exceptions | N/A |
| Additional Information | https://learn.microsoft.com/en-us/windows/win32/http/w3c-logging |
| The log format should be followed | date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken All fields of the IIS log source must be checked for correct parsing. |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
| Type | Product Version | Supported Schema Fields |
|---|---|---|
| V 2.0 : IIS W3C Events | N/A | <process>, <dname>, <dip>, <tag1>, <command>, <url>, <object>, <dport>, <login>, <sip>, <version>, <useragent>, <tag2>, <responsecode>, <bytesin>, <bytesout> |
| V 2.0 : Catch All : Level 1 | N/A | N/A |
Revision History
| KB Version | Log Type | Change Type | Details |
|---|---|---|---|
| KB 7.1.665.0 | Flat File - Microsoft IIS W3C File | New Log Source Optimization (LSO) policy: LogRhythm Default v2.0 | Optimized new log processing policy for Flat File - Microsoft IIS W3C File |