Hi, Iam a log analyst and I am presently working on MS exchange 2007. I have to analyse the message tracking, SMTP, agent and MRM logs. But I dont have any sample logs with me. Also, I guess the customer hasnt installed it hence he also doesnt have logs at the moment. So, could anyone please provide me with any of the above mentioned logs? Its rather urgent. Thanks, Yuvika

Hi, Iam a log analyst and I am presently working on MS exchange 2007. I have to analyse the message tracking, SMTP, agent and MRM logs. But I dont have any sample logs with me. Also, I guess the customer hasnt installed it hence he also doesnt have logs at the moment. So, could anyone please provide me with any of the above mentioned logs? Its rather urgent. Thanks, Yuvika

Hi, I have attached SMTP received or SMTP Send protocol log samples in the first below link. To learn more logging information, I highly suggest you download a Exchange 2007 VHD and do some local test. More links: ==================== Protocol log sample Exchange 2007 VHD Image Managing Message Tracking How to Configure Messaging Records Management Logging How to Manage Agent Log Output Hope it helps, Jason

Meanwhile, here is a Message tracking log which I exportedfrommy test Lab(virtual machine). Hope it helps for you. Regards, Jason ====================#Software: Microsoft Exchange Server#Version: 8.0.0.0#Log-type: Message Tracking Log#Date: 2008-06-10T09:25:59.601Z#Fields: date-time,client-ip,client-hostname,server-ip,server-hostname,source-context,connector-id,source,event-id,internal-message-id,message-id,recipient-address,recipient-status,total-bytes,recipient-count,related-recipient-address,reference,message-subject,sender-address,return-path,message-info2008-06-10T09:25:59.601Z,10.10.10.1,EX12-1.test.com,10.10.10.1,EX12-1,,,STOREDRIVER,RECEIVE,1,<03D99FDF50461F48ABE4E814E0F944BC4DA0C51AE9@EX12-1.test.com>,jasonli@test.com,,3295,1,,,st,jasonli@test.com,jasonli@test.com,04I:2008-06-10T09:26:01.694Z,,EX12-1,,,,,AGENT,RECEIVE,1,<03D99FDF50461F48ABE4E814E0F944BC4DA0C51AE9@EX12-1.test.com>,Administrator@test.com,,3295,1,,,st,jasonli@test.com,jasonli@test.com,2008-06-10T09:26:01.764Z,,,,EX12-1,Transport Rule Agent,,AGENT,DEFER,1,<03D99FDF50461F48ABE4E814E0F944BC4DA0C51AE9@EX12-1.test.com>,,,3295,,,,st,jasonli@test.com,jasonli@test.com,0001-01-01T00:00:00.000Z2008-06-10T09:26:03.156Z,,EX12-1,,ex12-1,,,STOREDRIVER,DELIVER,1,<03D99FDF50461F48ABE4E814E0F944BC4DA0C51AE9@EX12-1.test.com>,Administrator@test.com;jasonli@test.com,,3520,2,,,st,jasonli@test.com,jasonli@test.com,2008-06-10T09:25:38.501Z

Hi Jason, Iam sorry for the late reply but thanks a lot for your help. I studied the logs you sent, but i have a problem in the Send and receive protocol logs. These logs are not present in the proper format as mentioned in the microsoft site. Certain fields are missing like the 'local-endpoint', 'remote-endpoint','session-id, 'connector-id' and 'sequence number'. Also, I dont understand what does the number after the event character represent? does it represent the port number. for eg: <220 edgedns3 ESMTP Microsoft ESMTP MAIL Service, Version: 8.0.647.0; Tue, 29 Aug 2006 04:22:00 -0700 (PDT) Same case is there for the receive protocol logs also.The message tracking logs seem to be fine. so could you pls look into it and help me out. Iam also attaching the link where all the fields that will be present in the protocol logs are there. http://technet.microsoft.com/en-us/library/aa997624(EXCHG.80).aspx Thanks again, Yuvika