2

I am looking to create an application to parse Exchange logs (incoming and outgoing) and process the data. This application needs to work across versions of Exchange - with the earliest version realistically being Exchange 2000.

My main question is, how does the log data vary from version to version?

Furthermore, what information is stored as a minimum in the logs - sender, recipient(s), subject, date, result?

The final question is - what (if any) is the common link between a series (original message, replies, forwards etc) of emails, in Exchange? Is there some kind of thread linking a series of emails, or is this threading merely implied?

BrynJ
  • 121
  • 3
  • You're going to be happier by having a separate parser for each different version, detect which one to use, and normalize the results. – Scott Pack Oct 20 '12 at 19:17

1 Answers1

0

Message Tracking logs should be pretty similiar. I'd expect them to be the same Excahnge 2000/2003 (and possibly 2007) and a bit different on 2010. They may all be the same but I don't have sample data to confirm. Exchange 2010 in particular has alot of additional file system logging that's new.

Brian Desmond
  • 880
  • 4
  • 7