Queries for the W3CIISLog table
List IIS log entries
Last 50 IIS log entries.
W3CIISLog
| top 50 by TimeGenerated desc
Display breakdown respond codes
Display breakdown respond codes.
W3CIISLog
| summarize count() by scStatus
Maximum time taken for each page
Find maximum time taken for each page.
W3CIISLog
| summarize max(TimeTaken) by csUriStem
Show 404 pages list
Show 404 pages list.
W3CIISLog
| where scStatus == 404
| summarize count() by csUriStem
| sort by count_ desc
Average HTTP request time
Average HTTP request time for HTTP method.
W3CIISLog
| summarize avg(TimeTaken) by csMethod
Servers with internal server error
Show servers throwing internal server error.
W3CIISLog
| where scStatus == "500"
| summarize count() by sComputerName
Count IIS log entries by HTTP request method
Count IIS log entries by HTTP request method.
W3CIISLog
| summarize count() by csMethod
Count IIS log entries by HTTP user agent
Count IIS log entries by HTTP user agent.
W3CIISLog
| summarize count() by csUserAgent
Count IIS log entries by client IP address
Count IIS log entries by client IP address.
W3CIISLog
| summarize count() by cIP
IIS log entries for client IP
IIS log entries for a client IP.
W3CIISLog
| where cIP == "192.168.0.1" // Enter Client IP here
| project csUriStem, scBytes, csBytes, TimeTaken, scStatus, TimeGenerated
| top 100 by TimeGenerated desc
Count of IIS log entries by URL
Count of IIS log entries by URL requested by client.
W3CIISLog
| summarize count() by csUriStem
Count of IIS log entries by host
Count of IIS log entries by host requested by client.
W3CIISLog
| summarize count() by csHost
Total bytes traffic by client IP
Total bytes sent and received by client IP address.
W3CIISLog
| summarize BytesSent = sum(csBytes), BytesReceived = sum(scBytes) by cIP
Bytes received by each IIS computer
Total bytes received by each IIS computer.
W3CIISLog
| summarize sum_csBytes = sum(csBytes) by Computer
| top 500 by sum_csBytes desc
Bytes responded to clients by each IIS server IP
Total bytes responded to clients by each IIS server IP address.
W3CIISLog
| summarize sum(scBytes) by sIP
Average HTTP request time by client IP
Average HTTP request time by client IP address.
W3CIISLog
| summarize avg(TimeTaken) by cIP
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for