GET /exchange/ - 80 - xxx.xxx.x.x Mozilla/4.0 401 2 2148074254. (The x's are replacing an IP address.)
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Are these lines normal, or is that someone trying to hack into our system?
The log format is based off of the W3C's extended log file format. For troubleshooting purposes, it is possible to have additional information logged.
In the following example, notice that, in addition to what you are logging, there is also a domain and username being logged:
2005-08-05 00:25:05 192.168.1.11 GKrich.luckett 192.168.1.250 80 GET /exchange - 404 Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0;+DigExt)
Learn more about the format here.
Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:
Related Q&A from Richard Luckett
My mailbox migration from Exchange 2010 to Exchange 2013 is moving very slowly. What might be causing this and how can I speed up the process?continue reading
I'm finishing up an Exchange 2007 to 2010 migration. Do I need to switch over the public folders? If so, what is the best method to do it?continue reading
Hackers corrupted my Exchange 2010 files, so now I can't open them. How can I restore my server and prevent this from happening again?continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.