How to detect IIS requests by logged in users only?

Question

I'm planning to get some information by processing IIS Log files (after I imported them into SQL Server database).

Now, when user requests for a file that exists on server, even with incorrect credentials, two things happen:

This request is rejected
This bad request is logged, and I cannot detect whether the user has received the file, or not?

I want to process only requests with correct credentials that are responsed without error.

I use Windows authentication mode.

score 1 · Accepted Answer · answered May 06 '14 at 04:06

1

In the IIS logs, there is a field called "sc-status" which would show 200 for a successful response, and 401.x if the user is unauthorized.

answered May 06 '14 at 04:06

Brandon Spilove

1 Answers1