Filtering Message Tracking Log

Filtering message tracking log on the basis of sender & recipient can be easily achieved thru powershell:

For example:

you want to find mails where sender or recipents are from specific domain:

Run the below powershell command on the hub server & export the results to comma separated file.

Get-MessageTrackingLog -Server exchange-hub -EventId receive -Start “May 16 2010 12:00AM” -resultsize unlimited | where {
$_.recipients -like *@abc.com -or $_.sender -like *@abc.com} | select Timestamp,clientip,ClientHostname,ServerIp,ServerHostname,sender,@{Name=”Recipents”;Expression={$_.recipients}} | export-csv c:\abc.csv

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s