Howto: Filter Message Tracking logs in Microsoft Exchange using Powershell

Today I’ve been working with a vendor, trying to figure out why not all of my client’s users are receiving a certain notification email. I enabled message tracking in Exchange 2003, but it creates a log file that’s in a fairly unreadable format.

I found this post that describes using the Microsoft Log Parser utility to run SQL queries against the message tracking logs. Even after reading the documentation and unofficial Log Parser reference site, I was having difficulties constructing the queries; I just wanted to know who received the email and what date and time they got it. had an article on Log Parser, but since I don’t subscribe to their site, I only got the first few paragraphs of the article.

This batch file generator gave me too much information. It seemed like exporting this information was way more difficult than it should have been.

Then I came across this Powershell script Glen wrote that generates a form that allows you filter the message tracking log files based on your criteria. It took all of three minutes to download and run, and I was able to save the information into a .csv file. Brilliant!

One more thing… if you want to use message tracking on an Exchange 2000 cluster, see Microsoft KB327977. And if your inetinfo.exe utilization suddenly goes through the roof, check out Microsoft KB811409. Both of these issues appear to be resolved in KB813840.

[updated 06-29-2007]

I found another Exchange log search tool. It doesn’t use Powershell, and I haven’t used it personally, but I would love to hear if it works or not.

Comments [4]

  1. The Exchange Log Search Tool has issues parsing log files with over 10,000 lines. I don’t recommend using it, maybe for smaller log files.

Leave a Reply

Your email address will not be published. Required fields are marked *