How do I setup IIS to rotate logs?

Question

I've used Apache for years and I've taken for granted that it handles log rotation for me. I've been digging through the IIS config and googling, but I can't find an option for IIS to turn on log rotation.

What is the preferred way to configure IIS to delete logs past a certain threshold? Are there any products out there that do this for you? What do enterprisy Windows shops do?

Configuration: IIS 6.0 / Windows Server 2003 32-bit

A very good question. IIS does have rotation, but does not handle purging, nor archiving. I do not understand why a product, so mature in other areas, would be missing such a basic feature. With the default configuration, IIS commits suicide by filling the root drive with logs. (I guess the same can be said for SQL and its transaction logs.) — Nathan Hartley, Mar 10 '14 at 19:20

score 13 · Accepted Answer · answered Sep 26 '11 at 23:00

13

There's no built in mechanism to handle log rotation or archiving. There may be third party products to handle this chore or you could script something and configure a scheduled task. I have only a handfull of IIS servers so I just set up a recurring Task in Outlook to remind me monthly to delete IIS log files older than 30 days.

answered Sep 26 '11 at 23:00

joeqwerty

109,901
6
81
172

6

That sounds painful. Try scheduling this... Get-ChildItem E:\log\* -Include ex*.log -Recurse | Where-Object {$_.LastWriteTime -lt (Get-Date).AddDays(-30)} | Remove-Item – Nathan Hartley Mar 10 '14 at 21:18

score 7 · Answer 2 · answered Sep 26 '11 at 23:13

7

Check: http://www.808.dk/?code-iis-log-housekeeping

A bunch of scripts are available, which you can add in the scheduled task = logrotation :)

answered Sep 26 '11 at 23:13

SparX

1,924
12
10

score 5 · Answer 3 · answered Sep 26 '11 at 23:37

Have a look at the IIS Logs tool (http://www.iislogs.com/). There are a couple of different ways to install this and does a very effective job at managing IIS and other log files (compress files to .zip format, move them to different locations, delete files past a certain date, etc.).

score 1 · Answer 4 · answered Jul 12 '13 at 13:25

Setup a scheduled task to use robocopy to copy the files to a subdirectory named "old". It has a switch, /minage:x that you can set to 30,60, or whatever you feel. Then delete everything in that directory. I'm doing it this way on a couple dozen servers, and it seems to do the trick.

score 0 · Answer 5 · answered Jan 26 '12 at 18:00

The other answers are good, and offer a more robust solution to this problem. If you just need a quick fix, you can setup CCleaner to automatically clean your logs folder each time you login, or on a schedule.

Keep in mind, though, that this deletes all logs, not just aging files.

I followed these instructions but added that I wanted it to run even when the user was logged off, as is the normal case on a server.

score 0 · Answer 6 · answered Mar 10 '14 at 19:28

I recently posed this same question on the Powershell.org forum. Then ended up posting a hack of a Script Resource for Desired State Configuration, that I will be using to solve my need for a log purging routine. Maybe some of this code will be useful to others.

# Requires an E: drive.

configuration LogDirectory
{
    param (
        [Parameter(Mandatory)]
        [ValidateNotNullOrEmpty()]
        [string[]]$Node
    )
    node $Node
    {
        Script LogDirectoryScript
        {
            GetScript = {
                $result = (Test-Path 'E:\log') -and (schtasks.exe /query /TN Purge_Log_Folder | Select-String Purge_Log_Folder -Quiet)
                return @{
                    GetScript = $GetScript
                    SetScript = $SetScript
                    TestScript = $TestScript
                    Result = $result
                }
            }

            SetScript = {
                Write-Verbose 'Creating log directory.'
                if ( -not (Test-Path 'E:\log')) { 
                    New-Item -ItemType Directory -Path 'E:\log'
                }

                Write-Verbose 'Changing permissions to log directory such that any user can write, but only an administrator can read or modify.'
                $acl = (Get-Item 'E:\log').GetAccessControl('Access')
                $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule('Users','Write', 'Allow')))
                Set-Acl -Path 'E:\log' -AclObject $acl | Out-Host

                Write-Verbose 'Scheduling purge task.'
                $script = 'Get-ChildItem E:\log\* -Include ex*.log -Recurse  | Where-Object {$_.LastWriteTime -lt (Get-Date).AddDays(-7)} | Remove-Item'
                Set-Content -Path C:\Windows\Purge_Log_Folder.ps1 -Value $script
                $task = 'Powershell.exe -NoProfile -ExecutionPolicy RemoteSigned -File C:\Windows\Purge_Log_Folder.ps1'
                SCHTASKS /CREATE /TN Purge_Log_Folder /TR $task /SC DAILY /ST 23:59 /RU SYSTEM /F | Out-Host

                Write-Verbose 'Configuring IIS'
                # Default Log File Settings for Web Sites <logFile>
                # http://www.iis.net/configreference/system.applicationhost/sites/sitedefaults/logfile
                Import-Module WebAdministration
                Set-WebConfigurationProperty '/system.applicationHost/sites/siteDefaults' -name logFile -value @{
                    directory = 'E:\log'
                    localTimeRollover ='true'
                    period = 'Hourly'
                }
            }

            TestScript = {
                (Test-Path 'E:\log') -and (schtasks.exe /query /TN Purge_Log_Folder | Select-String Purge_Log_Folder -Quiet)
            }
        }
    }
} 
LogDirectory

score 0 · Answer 7 · edited Mar 02 '18 at 03:14

0

You could do this with a scheduled task and a batch file.

forfiles -p "C:\Path\To\Log\Files" -m *.* /D -30 /C "cmd /c del @path"

edited Mar 02 '18 at 03:14

Andrew Schulman

8,811
21
32
47

answered Mar 01 '18 at 19:56

Davin Studer

101
2

fernacolo · Answer 8 · 2023-03-09T00:13:43.777

-1

IIS 7 introduces a configuration to periodically clear binary log files. For more information look at period in the following link:

http://www.iis.net/configreference/system.applicationhost/log/centralbinarylogfile

edited Mar 09 '23 at 00:13

answered Sep 15 '16 at 17:55

fernacolo

169
1
1
7

1

I don't think this feature deletes log files, it only specifies the period for the creation of a new log file, i.e. daily, hourly, etc. The document you linked defines period as "Specifies how frequently the current log file is closed and a new log file is started." There is no mention of deletion. – unhappyCrackers1 Apr 10 '17 at 16:35
@unhappyCrackers1 You are correct regarding the /centralw3clogfile document. However, for the /centralbinarylog file, it explicitly states that the contents are cleared, which is equivalent to log rotation. – fernacolo Mar 09 '23 at 00:13

How do I setup IIS to rotate logs?

8 Answers8