Chris Blankenship's Ramblings

Back in February I wrote an article about limiting what gets logged in your IIS logs.  The previous post was focused on IIS 6.0 and was primarily about editing the IIS metabase using the adsutil.exe command.  Recently I upgraded to Windows 2008 and IIS 7.0 and quickly realized that the IIS 6.0 Metabase no longer existed.  In fact, IIS 7.0 uses an XML file to store all configuration details.  You can read more about the IIS 7.0 configuration on The Official Microsoft IIS Site, which is full of documents, articles, and training videos.

So I started looking around for the steps to perform the same level of configuration within IIS 7.0.  I spent some considerable amount of time looking but couldn’t locate anything that really talked about limiting what gets logged.  Finally I found an entry in the IIS forums where someone else asked about limiting logging.

It turns out that it’s pretty simple to add this command into a location tag within the %windir%\system32\inetsrv\config\applicationHost.config file.  As an example I could stop logging calls to the image.axd file by including the following tags in the config file:

<location path="www.dscoduc.com/image.axd">
  <system.webServer>
    <httpLogging dontLog="true" />
  </system.webServer>
</location>

I could also stop logging javascript files by adding a location tag to the javascript folder where the javascript files are located:

<location path="www.dscoduc.com/js">
  <system.webServer>
    <httpLogging dontLog="true" />
  </system.webServer>
</location>

The end result is exactly as you would expect; specified locations would no longer appear as entries in the IIS log files.  Up till now these changes were made in the applicationHost.config file and not in the web.config file for the respective web site.  This sort of bothers me as I would prefer to keep each web site configuration settings in their respective web.config file for easier backup and restore.  Doing so would help when copying a web site from one server to another.

So I placed the location tags in the web site web.config and checked to see if the behavior was the same; it wasn’t.  I triple checked my work but nothing I could do would produce the expected results.  Frustrated I contacted someone in the IIS product group and was given the explanation that made the confusion fade away:  By default, the dontLog feature is locked in the applicationHost.config file.

Essentially this means that in able to add the dontLog feature in web.config files you have to first unlock the feature from the applicationHost.config file.  Simple task really, by using the following command line syntax:

%windir%/system32/inetsrv/appcmd unlock config –section:system.webServer/httpLogging

Once the syntax has been executed you can now add the location tags in the web.config and see the expected results.  One catch to worry about though is the path to the folders.  The following paths are relevant when configuring the dontLog flag in the web.config file:

web.config = [application name/]folder

The path is resolved against the folder where the web.config file reside. We can’t use the ~ operator in this element.  So in my previous examples the syntax would be a little different in the web.config file:

<location path="js">
  <system.webServer>
    <httpLogging dontLog="true" />
  </system.webServer>
</location>

Additionally, you can install the IIS 7.0 Administration Pack and then you will be able to use the IIS Configuration Editor for configuring locations.  One last note is the IIS configuration system used the exact same concept as ASP.NET does, so you can refer to the  ASP.NET Settings Schema of the location Element.