Exchange, MessageLog Tracking, and Testing

I’d been given an assignment to create a script that would parse old message tracking logs for when distribution groups had last had an email sent to it for reporting purposes. In doing so, I needed a way to test old logs, logs that could be as much as a year old. The only issue was that my production environment only had logs that went back 1-3 months. To remedy this I created Message logs to cover that timeframe.

The purpose of this article is learning how to create a set of Message Tracking Logs that you can use in a test environment for testing your PowerShell scripts on:

How to make Message Logs for testing:

Script a bunch of emails to some recipients (groups, mailboxes, etc)

Stop the following services:

Microsoft Exchange Transport
Microsoft Exchange Transport Log Search


Move the logs to a subfolder of the MessageTracking folder and rename them to identity them later.


The restart the two services you stopped earlier:

Microsoft Exchange Transport
Microsoft Exchange Transport Log Search

Then repeat the previous steps. For log create and more logs files. I usually do them by date order, either montly, weekly, or whatever I am testing.

Once your logs files are ready, we need to change the name of the file, the dates of the file as well as some of the data in the file. Remember, do not do this in production, only use these procedures for testing.

First, the file name:

Change the date to match when you want to the file to be for. Example – May 20, 2012 ‘MSGTRK20120520-1.LOG’.

Next the dates inside the file:


The circled dates need to be changed to match. Simply perform a Replace within Notepad.


Click Replace All. Once those values are replaced, save the file.
Next we need to change the dates on the file. You can either use PowerShell or free tools like “FileDate” to change the file attributes.

Once all of these are completed, simply restart the ‘Microsoft Exchange Transport Log Search’ service.

Now that you’ve completed all of the above steps, you can run your scripts against these files.

Here is what my logs look after I completed my changes:


That’s it. Again, do not do this in production, only in practice.

*** UPDATE ***
Forgot to mention, make sure you modify the max age of your transport logs as they will keep disappearing if you do not….

get-transportserver | set-transportserver -messagetrackinglogmaxage 600


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s