I have an Umbraco instance in the Azure cloud, v4.7 if memory serves correctly. I need to utilise IIS logging to obtain website usage statistics, but there appears to be a limitation.
I have multiple different websites, all using various website templates but the IIS logs don't appear to output the domain name. How can I get IIS to output the domain name?
Below is an example of what the current IIS logs capture (I know this is a BOT crawling the webpages, but I have genuine traffic but can't identify which website is visited):
2012-08-06 00:11:54 10.61.52.73 GET /insurance/insurance/ - 80 -
46.4.38.67 InnovantageBot/1.0+(http://www.innovantage.co.uk/technology/webmaster_information.htm) 200 0 0 390 2012-08-06 00:11:55 10.61.52.73 GET /insurance/reason/ - 80 - 46.4.38.67 InnovantageBot/1.0+(http://www.innovantage.co.uk/technology/webmaster_information.htm) 200 0 0 578 2012-08-06 00:11:55 10.61.52.73 GET /insurance/type/ - 80
00:11:55 10.61.52.73 GET /life/qa/ - 80 - 46.4.38.67 InnovantageBot/1.0+(http://www.innovantage.co.uk/technology/webmaster_information.htm) 200 0 0 359 2012-08-06 00:11:55 10.61.52.73 GET /life/reasons/ - 80 -
46.4.38.67 InnovantageBot/1.0+(http://www.innovantage.co.uk/technology/webmaster_information.htm) 200 0 0 328 2012-08-06 00:11:57 10.61.52.73 GET /insurance/glossary/ - 80 - 46.4.38.67 InnovantageBot/1.0+(http://www.innovantage.co.uk/technology/webmaster_information.htm) 200 0 0 374
In your WebRole.cs you can tweak IIS and each site running in IIS. You can choose which fields should be logged and I think you're looking for the LogExtFileFlags.Host field:
using (var manager = new ServerManager())
{
var siteName = RoleEnvironment.CurrentRoleInstance.Id + "_Web";
var site = manager.Sites[siteName];
site.LogFile.LogExtFileFlags |= LogExtFileFlags.Host;
manager.CommitChanges();
}
Make sure your role is running in elevated mode, change this in your ServiceDefinition.csdef file:
<Runtime executionContext="elevated" />
And you should also be able to change this setting using appcmd.exe:
http://www.iis.net/ConfigReference/system.applicationHost/sites/siteDefaults/logFile#005
Related
I have a C# based webAPI hosted on Azure WebApp.
Sporadically, the HTTP OPTIONS call fails with a 500 error.
The OPTIONS call is not handled by our code. So I assume the server handles it by itself.
I tried enabling logs but both event log and web server logs does not print anything other than that it failed with a 500 error.
Any ideas why this would happen?.
Update:
I see only the below error messages in the web server logs. No details
Additionally I added code in my webAPI to handle options call, but the code does not go there. Not sure if I need to enable/disable something in web.confi.
2017-08-31 11:49:39 xxx.mywebsite.com OPTIONS /api/apiname StartDate=2017-08-25&EndDate=2017-08-31&X-ARR-LOG-ID=d86ffe7f-32c9-410b-8116-65833d5af7b9 443 - xxx.xxx.xxx.xxx Mozilla/5.0+(Windows+NT+6.1;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/60.0.3112.113+Safari/537.36 - www.website.com 500 121 0 636 1612 230013
I recently started using Google App engine for hosting a Node.js application. The app is still in development and thus should be dormant most of the time, but I noticed that I am getting a lot of activity each day, which results in Google billing me for 'up time'. Inspecting the logs I see that I am getting loads of 'url scans' to no existent url's
A 404 18 B 1 ms GET Chrome 56 / 404 18 B 1 ms GET Chrome 56
A 404 18 B 2 ms GET Chrome 56 /portal/client/cms/viewcmspage.action 404 18 B 2 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /admin/agent/default.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /vportal/web/gateway/home.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts2_2.3.15.1-showcase/showcase.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts2-showcase/login.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts/login.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts2/login.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /web/Index.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET - /phpmyadmin/scripts/setup.php 404 18 B 1 ms GET -
A 404 18 B 1 ms GET Chrome 56 / 404 18 B 1 ms GET Chrome 56
A 404 18 B 2 ms GET Chrome 56 /portal/client/cms/viewcmspage.action 404 18 B 2 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /admin/agent/default.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /vportal/web/gateway/home.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts2_2.3.15.1-showcase/showcase.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts2-showcase/login.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts/login.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 1 ms GET Chrome 56 /struts2/login.action 404 18 B 1 ms GET Chrome 56
A 404 18 B 2 ms GET Chrome 56 /web/Index.action 404 18 B 2 ms GET Chrome 56
A 404 18 B 1 ms GET the beast /phpmyadmin/scripts/setup.php 404 18 B 1 ms GET the beast
Is there any way for me to block these, or change the port my app runs on? I tried using the firewall, but from what I see it only applies to "Compute engine".
Any help would be appreciated.
I think this would work: during development, enable the Identity Aware Proxy in front of your app to block any users except yourself or other developers that you authorize. The Identity Aware Proxy allows you to specify Google accounts (Gmail, G Suite domains, etc) that are allowed to access your application. Because this occurs before they connect with your account I believe it should stop random traffic from messing with your billing.
Navigate to the Identity Aware Proxy page in the Google Cloud Platform Console.
Enable the IAP toggle.
Enter the appspot.com or custom domains URLs that you want to enforce the login restrictions in front of.
In the Access pane, click Add and enter your Gmail or Google account email address.
Verify that only your signed in account can hit your URLs test an incognito connection to see verify it does not hit your URL prior to the proxy.
I wrote a simple RESTful web service API using WCF 4.5 to exchange data with our iPhone application. The service is hosted at my office on a Windows 2012 Server with IIS 8.0 and is exposed externally through my company's domain (i.e. https://api.company.com/).
The issue that I am having is that when I access my API from a WiFi network on my phone I am seeing relatively fast response times (~1s) but when I access my API from my AT&T LTE connection the response times are brutally slow most of the time (~10-20s). According to http://www.speedtest.net, my download and upload speeds on LTE are actually faster than my WiFi connections.
I have performed my tests both in the office and away from the office. While at the office the WiFi network is on the same internal network as the server, but while at my home my WiFi network is not on the same network. I see the same ~1-2s response times on WiFi whether at home or in the office and I see the same ~10-20s response times on LTE in both locations.
I have enabled some logging on IIS to see reveal the individual requests with their response times. I changed my search query each time to ensure that the response wasn't being cached somewhere. I am only pulling back the first 100 records so the duration of the query should be about the same for any letter of the alphabet. The 50.x.x.x address is from my home WiFi and the 166.x.x.x address is from the LTE connection. The first request made on LTE actually timed out here and sited the sc-win32-status of 995 (ERROR_OPERATION_ABORTED). This happens from time to time and I am not sure what the issue is there either or if it is related. One of the queries on LTE (q=j) took 3s.
#Fields: date time cs-method cs-uri-stem cs-uri-query s-port c-ip sc-status sc-substatus sc-win32-status time-taken
2015-05-19 01:29:21 GET /v1/users q=a 443 50.130.105.236 200 0 0 1762
2015-05-19 01:29:25 GET /v1/users q=b 443 50.130.105.236 200 0 0 1060
2015-05-19 01:29:29 GET /v1/users q=c 443 50.130.105.236 200 0 0 1060
2015-05-19 01:29:33 GET /v1/users q=e 443 50.130.105.236 200 0 0 1294
2015-05-19 01:29:39 GET /v1/users q=e 443 50.130.105.236 200 0 0 3151
2015-05-19 01:29:44 GET /v1/users q=f 443 50.130.105.236 200 0 0 1294
2015-05-19 01:30:11 GET /v1/users q=g 443 166.170.53.188 200 0 995 20156
2015-05-19 01:30:51 GET /v1/users q=h 443 166.170.53.188 200 0 0 19438
2015-05-19 01:30:59 GET /v1/users q=j 443 166.170.53.188 200 0 0 2979
2015-05-19 01:32:43 GET /v1/users q=k 443 166.170.53.188 200 0 0 23931
2015-05-19 01:32:57 GET /v1/users q=l 443 166.170.53.188 200 0 0 8502
2015-05-19 01:33:03 GET /v1/users q=m 443 50.130.105.236 200 0 0 2308
2015-05-19 01:33:06 GET /v1/users q=n 443 50.130.105.236 200 0 0 1372
2015-05-19 01:33:11 GET /v1/users q=o 443 50.130.105.236 200 0 0 1560
2015-05-19 01:33:16 GET /v1/users q=p 443 50.130.105.236 200 0 0 1419
I have tried configuring Failed Request Tracing in IIS for when the time-taken is > 5 seconds (using this post). The longest duration in the event log was ~1s between AspNetHttpHandlerEnter and AspNetHttpHandlerLeave and I couldn't figure out why the requests were taking > 5 seconds on LTE.
Additional Info
The service is secured using HTTPS and basic authentication.
The service uses Entity Framework 6.0 and SQL Server
The payload is JSON and compressed using gzip
The amount of data being transferred is less than 10kB
The service is not currently using any async calls
The service is being accessed very lightly at the moment (<500 calls per day)
I deployed OpenAM with cross domain but when I tried to view has sample application agent tomcat, after authenticating the server OpenAM he returns 404 error:
HTTP Status 404 - / appagent / sunwCDSSORedirectURI
Status report types
message / appagent / sunwCDSSORedirectURI
description The requested resource (/ appagent / sunwCDSSORedirectURI) is not available.
note: in my page sunwCDSSORedirectURI.jsp agent deploy on tomcat contains no treatment is that it is normal ?
You have to deploy the 'agentapp' as well ... documentation is your friend 'http://docs.forgerock.org/en/openam-pa/3.1.0-Xpress/agent-install-guide/index.html#chap-apache-tomcat' section 9.2, step 7
We are trying to implement client certificate authentication in IIS 7.5. We have configured many-to-one mapping, disabled all other authentication modes and now the cert-authentication seems to work correctly: we can correctly read the certificate information from a test .aspx page and also the authenticated username is the one configured in many-to-one mappings.
However, even though everything seems to work correctly, each "new" browser session causes one "extra" error status 500 row in the IIS log, just before the authentication is successful:
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port ... cs-host sc-status sc-substatus sc-win32-status time-taken
2013-02-12 09:46:35 10.40.64.45 GET /certtest.aspx - 443 - ... - site.mydomain.com 500 0 64 31
2013-02-12 09:46:35 10.40.64.45 GET /certtest.aspx - 443 - ... - site.mydomain.com 200 0 0 734
Same "extra" error status 500 issue happens for any file, e.g. for images, .css, .js, so certainly it's not a problem in the certtest.aspx file.
Any ideas, what could cause this error status 500 in IIS?
It seems that we managed to solve this issue by setting the SSLAlwaysNegoClientCert Metabase Property to True.
Technet article from IIS6.0 (!) Admin reference