1

We have a client running ISA2006 with logs going to MSDE.

The MSDE database gets rotated. We have NO control over the client infrastructure.

We need to get the logs out to a TEXT file on the server itself which will be forwarded to a remote server by other software we already have in place.

My first thought was doing it via Stored Procs. Another option is vbscript? The actual table holding the logs has no primary key or other identifier so I think the dump should be done once a day for the previous day, but ideally it should run several times a day.

Any ideas?

TristanK
  • 8,953
  • 2
  • 27
  • 39
Johandk
  • 133
  • 5
  • You/they can control the logging in ISA 2006 through the "Configure Firewall Logging" in the ISA console under Monitoring > Logging. It can point to SQL or w3c files but if you change it from MSDE it won't allow log viewing in the ISA console, likely upsetting the firewall admin. – Bret Fisher Mar 15 '11 at 17:36
  • Sounds like stored procs or SQL cmd in scheduled task is the right way to go, let us know your final solution! I'd like to get my ISA logs into Splunk myself. – Bret Fisher Mar 15 '11 at 17:37
  • Thinking of using the bundled Splunk Python to extract from SQLServer. I'll post my final solution when it's done. A stored proc might work as well. – Johandk Mar 25 '11 at 14:15
  • Looking forward to it Johandk. Maybe there's a SQL cmdlet in PowerShell that could do an export based on timestamp, then run that ever 15m via Scheduled Task. VBScript is too cumbersumb and legacy for my taste anymore (as evidenced by the long script in MSDEToText). – Bret Fisher Mar 26 '11 at 19:05

2 Answers2

1

This sounds like another job for MSDEToText!

It's a tool from the ISA Server team used for exactly this purpose. There's a 2004 and a TMG version of it available too.

TristanK
  • 8,953
  • 2
  • 27
  • 39
  • Looks good!!! I'll give it a try – Johandk Mar 22 '11 at 09:26
  • Looked at the script but it doesn't comply to our requirements. Need to do extractions on an hourly basis. Without modifying the script it's just not gonna work. – Johandk Mar 25 '11 at 14:10
0

The tool name is Log Parser 2.2, its microsoft tool, you may downlaod from here to convert and read you ISA/TMG logs.

http://www.microsoft.com/en-us/download/details.aspx?id=24659

Zubair
  • 1