Merge pull request #1838 from microsoft/dpaul-ElcUpdate

Exchange Log Collector Update
microsoft · Oct 2, 2023 · 732e0cf · 732e0cf
2 parents 8be8813 + e7e0f99
commit 732e0cf
Show file tree

Hide file tree

Showing 7 changed files with 109 additions and 2 deletions.
diff --git a/Diagnostics/ExchangeLogCollector/ExchangeLogCollector.ps1 b/Diagnostics/ExchangeLogCollector/ExchangeLogCollector.ps1
@@ -8,6 +8,7 @@ param (
     [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
     [Alias('Fqdn')]
     [string[]]$Servers = @($env:COMPUTERNAME),
+    [switch]$AcceptedRemoteDomain,
     [switch]$ADDriverLogs,
     [bool]$AppSysLogs = $true,
     [bool]$AppSysLogsToXml = $true,
@@ -43,6 +44,7 @@ param (
     [switch]$OABLogs,
     [switch]$OrganizationConfig,
     [switch]$OWALogs,
+    [switch]$PipelineTracingLogs,
     [switch]$PopLogs,
     [switch]$PowerShellLogs,
     [switch]$QueueInformation,
@@ -55,6 +57,7 @@ param (
     [switch]$TransportAgentLogs,
     [switch]$TransportConfig,
     [switch]$TransportRoutingTableLogs,
+    [switch]$TransportRules,
     [switch]$WindowsSecurityLogs,
     [switch]$AllPossibleLogs,
     [Alias("CollectAllLogsBasedOnDaysWorth")]

diff --git a/Diagnostics/ExchangeLogCollector/Helpers/Get-ArgumentList.ps1 b/Diagnostics/ExchangeLogCollector/Helpers/Get-ArgumentList.ps1
@@ -24,6 +24,7 @@ function Get-ArgumentList {
     }
 
     return [PSCustomObject]@{
+        AcceptedRemoteDomain           = $AcceptedRemoteDomain
         ADDriverLogs                   = $ADDriverLogs
         AnyTransportSwitchesEnabled    = $Script:AnyTransportSwitchesEnabled
         AppSysLogs                     = $AppSysLogs
@@ -64,6 +65,7 @@ function Get-ArgumentList {
         MitigationService              = $MitigationService
         OABLogs                        = $OABLogs
         OWALogs                        = $OWALogs
+        PipelineTracingLogs            = $PipelineTracingLogs
         PopLogs                        = $PopLogs
         PowerShellLogs                 = $PowerShellLogs
         QueueInformation               = $QueueInformation
@@ -78,6 +80,7 @@ function Get-ArgumentList {
         TransportAgentLogs             = $TransportAgentLogs
         TransportConfig                = $TransportConfig
         TransportRoutingTableLogs      = $TransportRoutingTableLogs
+        TransportRules                 = $TransportRules
         WindowsSecurityLogs            = $WindowsSecurityLogs
     }
 }
diff --git a/Diagnostics/ExchangeLogCollector/Helpers/Test-PossibleCommonScenarios.ps1 b/Diagnostics/ExchangeLogCollector/Helpers/Test-PossibleCommonScenarios.ps1
@@ -50,6 +50,9 @@ function Test-PossibleCommonScenarios {
         $Script:MailboxConnectivityLogs = $true
         $Script:FrontEndProtocolLogs = $true
         $Script:MailboxDeliveryThrottlingLogs = $true
+        $Script:PipelineTracingLogs = $true
+        $Script:TransportRules = $true
+        $Script:AcceptedRemoteDomain = $true
     }
 
     if ($ConnectivityLogs) {
@@ -86,6 +89,8 @@ function Test-PossibleCommonScenarios {
         $Script:MessageTrackingLogs = $true
         $Script:QueueInformation = $true
         $Script:TransportConfig = $true
+        $Script:TransportRules = $true
+        $Script:AcceptedRemoteDomain = $true
     }
 
     if ($OutlookConnectivityIssues) {
@@ -121,7 +126,10 @@ function Test-PossibleCommonScenarios {
         $MailboxDeliveryThrottlingLogs -or
         $TransportAgentLogs -or
         $TransportRoutingTableLogs -or
-        $DefaultTransportLogging) {
+        $DefaultTransportLogging -or
+        $PipelineTracingLogs -or
+        $TransportRules -or
+        $AcceptedRemoteDomain) {
         $Script:AnyTransportSwitchesEnabled = $true
     }
 

diff --git a/Diagnostics/ExchangeLogCollector/RemoteScriptBlock/Invoke-RemoteMain.ps1 b/Diagnostics/ExchangeLogCollector/RemoteScriptBlock/Invoke-RemoteMain.ps1
@@ -192,6 +192,18 @@ function Invoke-RemoteMain {
                 Add-DefaultLogCopyTaskAction "$Script:localExInstall`Logging\MailboxAssistantsDatabaseSlaLog" "Mailbox_Assistants_Database_Sla_Logs"
             }
         }
+
+        if ($PassedInfo.PipelineTracingLogs) {
+
+            if ($Script:localServerObject.Hub -or
+                $Script:localServerObject.Edge) {
+                Add-LogCopyFullTaskAction $Script:localServerObject.TransportInfo.HubLoggingInfo.PipelineTracingPath "Hub_Pipeline_Tracing_Logs"
+            }
+
+            if ($Script:localServerObject.Mailbox) {
+                Add-LogCopyFullTaskAction $Script:localServerObject.TransportInfo.MBXLoggingInfo.PipelineTracingPath "Mailbox_Pipeline_Tracing_Logs"
+            }
+        }
     }
 
     ############################################

diff --git a/Diagnostics/ExchangeLogCollector/Write/Write-DataOnlyOnceOnMasterServer.ps1 b/Diagnostics/ExchangeLogCollector/Write/Write-DataOnlyOnceOnMasterServer.ps1
@@ -41,6 +41,28 @@ function Write-DataOnlyOnceOnMasterServer {
         Save-DataInfoToFile -dataIn $data -SaveToLocation $target -AddServerName $false
     }
 
+    if ($TransportRules) {
+        $target = $RootCopyToDirectory + "\TransportRules"
+        $data = Get-TransportRule
+
+        # If no rules found, we want to report that.
+        if ($null -ne $data) {
+            Save-DataInfoToFile -dataIn $data -SaveToLocation $target -AddServerName $false
+        } else {
+            Save-DataInfoToFile -dataIn "No Transport Rules Found" -SaveXMLFile $false -SaveToLocation $target -AddServerName $false
+        }
+    }
+
+    if ($AcceptedRemoteDomain) {
+        $target = $RootCopyToDirectory + "\AcceptedDomain"
+        $data = Get-AcceptedDomain
+        Save-DataInfoToFile -dataIn $data -SaveToLocation $target -AddServerName $false
+
+        $target = $RootCopyToDirectory + "\RemoteDomain"
+        $data = Get-RemoteDomain
+        Save-DataInfoToFile -dataIn $data -SaveToLocation $target -AddServerName $false
+    }
+
     if ($Error.Count -ne 0) {
         Save-DataInfoToFile -DataIn $Error -SaveToLocation ("$RootCopyToDirectory\AllErrors")
         Save-DataInfoToFile -DataIn (Get-UnhandledErrors) -SaveToLocation ("$RootCopyToDirectory\UnhandledErrors")

diff --git a/Diagnostics/ExchangeLogCollector/Write/Write-LargeDataObjectsOnMachine.ps1 b/Diagnostics/ExchangeLogCollector/Write/Write-LargeDataObjectsOnMachine.ps1
@@ -138,6 +138,62 @@ function Write-LargeDataObjectsOnMachine {
             if (Test-Path $machineConfig) {
                 Copy-Item $machineConfig -Destination ("{0}\{1}_machine.config" -f $webAppPoolsSaveRoot, $env:COMPUTERNAME)
             }
+
+            $siteConfigs = @{}
+            # always try to get the hardcoded default
+            $siteConfigs.Add("applicationHost.config", "$($env:WINDIR)\System32\inetSrv\config\applicationHost.config")
+
+            try {
+                # default location normally your applicationHost.config
+                try {
+                    $defaultLocation = Get-WebConfigFile
+
+                    if (-not $siteConfigs.ContainsKey($defaultLocation.Name)) {
+                        $siteConfigs.Add($defaultLocation.Name, $defaultLocation.FullName)
+                    }
+                } catch {
+                    Write-Verbose "Failed to get default web config file path. $_"
+                }
+
+                $sitesContent.Keys |
+                    ForEach-Object {
+                        try {
+                            $name = $_
+                            $siteWebFileConfig = Get-WebConfigFile "IIS:\Sites\$($name)"
+
+                            $keyName = if ($siteWebFileConfig.Name -eq "web.config") { "$name`_web.config" } else { $siteWebFileConfig.Name }
+
+                            if (-not $siteConfigs.ContainsKey($keyName)) {
+                                $siteConfigs.Add($keyName, $siteWebFileConfig.FullName)
+                            }
+                        } catch {
+                            Write-Verbose "Failed to get web config for $name. $_"
+                        }
+                    }
+            } catch {
+                Write-Verbose "Failed to get the web config file for the sites. $_"
+                # remote context, cant call catch actions
+            } finally {
+                if ($null -ne $siteConfigs -and
+                    $siteConfigs.Count -gt 0) {
+                    $siteConfigs.Keys |
+                        ForEach-Object {
+                            if ((Test-Path $siteConfigs[$_])) {
+                                Copy-Item $siteConfigs[$_] -Destination ("{0}\{1}_{2}" -f $webAppPoolsSaveRoot, $env:COMPUTERNAME, $_)
+                            }
+                        }
+                }
+            }
+
+            # list the app pools ids
+            $ids = & $appCmd list wp
+            $fileName = ("{0}\{1}_Web_App_IDs.txt" -f $webAppPoolsSaveRoot, $env:COMPUTERNAME)
+
+            if ($null -ne $ids) {
+                $ids > $fileName
+            } else {
+                "No Data" > $fileName
+            }
         }
     }
 

diff --git a/docs/Diagnostics/ExchangeLogCollector.md b/docs/Diagnostics/ExchangeLogCollector.md
@@ -64,14 +64,15 @@ Parameter | Description |
 ----------|-------------|
 FilePath | The Location of where you would like the data to be copied over to. This location **must** be the same and accessible on all servers if you use the Servers parameter. Default value: C:\MS_Logs_Collection |
 Servers | An array of servers that you would like to collect data from.
+AcceptedRemoteDomain | Enable to collect `Get-AcceptedDomain` and `Get-RemoteDomain`.
 ADDriverLogs | Enable to collect AD Driver Logs. Location: `V15\Logging\ADDriver`
 AppSysLogs | Collects the Windows Event Application, System, and MSExchange Management Logs. Default value `$true`
 AppSysLogsToXml | Collects the Windows Event Application and System and saves them out to XML. The time range only is from the time the script run and the value set on `LogAge`. Default value: `$true`
 AutoDLogs | Enable to collect AutoDiscover Logs. Location: `V15\Logging\Autodiscover` and `V15\Logging\HttpProxy\Autodiscover`
 CollectFailoverMetrics | Enable to run the `CollectOverMetrics.ps1` script against the DAG. Only able to be run on an Exchange tools box or an Exchange Server.
 DAGInformation | Enable to collect the DAG Information from all different DAGs that are in the list of servers.
 DailyPerformanceLogs | Enable to collect Daily Performance Logs. Default Location: `V15\Logging\Diagnostics\DailyPerformanceLogs`
-DefaultTransportLogging | Enables the following switches and their logs to be collected. `FrontEndConnectivityLogs`, `FrontEndProtocolLogs`, `HubConnectivityLogs`, `MailboxConnectivityLogs`, `MailboxDeliveryThrottlingLogs`, `MessageTrackingLogs`, `QueueInformation`, `ReceiveConnectors`, `SendConnectors`, and `TransportConfig`
+DefaultTransportLogging | Enables the following switches and their logs to be collected. `AcceptedRemoteDomain`, `FrontEndConnectivityLogs`, `FrontEndProtocolLogs`, `HubConnectivityLogs`, `MailboxConnectivityLogs`, `MailboxDeliveryThrottlingLogs`, `MessageTrackingLogs`, `PipelineTracingLogs`, `QueueInformation`, `ReceiveConnectors`, `SendConnectors`, `TransportConfig`, `TransportRoutingTableLogs`, and `TransportRules`
 EASLogs | Enable to collect Exchange Active Sync Logging. Location: `V15\Logging\HttpProxy\Eas`
 ECPLogs | Enable to collect ECP Logs. Location: `V15\Logging\ECP` and `V15\Logging\HttpProxy\Ecp`
 EWSLogs | Enable to collect EWS Logs. Location: `V15\Logging\HttpProxy\Ews` and `V15\Logging\Ews`
@@ -97,6 +98,7 @@ MitigationService | Enable to collect the Mitigation Service logs. Location: `V1
 OABLogs | Enable to collect OAB Logs. Location: `V15\Logging\HttpProxy\OAB`, `V15\Logging\OABGeneratorLog`, `V15\Logging\OABGeneratorSimpleLog`, and `V15\Logging\MAPI AddressBook Service`
 OrganizationConfig | Enable to collect the Organization Configuration from the environment.
 OWALogs | Enable to collect OWA Logs. Location: `V15\Logging\OWA`, `Logging\HttpProxy\OwaCalendar`, and `V15\Logging\HttpProxy\Owa`
+PipelineTracingLogs | Enable to collect the Pipeline Tracing Logs. Location `(Get-TransportService $server).PipelineTracingPath`, and `(Get-MailboxTransportService $server).PipelineTracingPath`
 PopLogs | Enable to collect POP logging. Location: `(Get-PopSettings -Server $server).LogFileLocation`
 PowerShellLogs | Enable to collect the PowerShell Logs. Location: `V15\Logging\HttpProxy\PowerShell`
 QueueInformation | Enable to collect the historical queue information. Location: `(Get-TransportService $server).QueueLogPath`
@@ -108,6 +110,7 @@ ServerInformation | Enable to collect general server information.
 TransportAgentLogs | Enable to collect the Agent Logs. Location: `(Get-TransportService $server).AgentLogPath`, `(Get-FrontendTransportService $server).AgentLogPath`, `(Get-MailboxTransportService $server).MailboxSubmissionAgentLogPath`, and `(Get-MailboxTransportService $server).MailboxDeliveryAgentLogPath`
 TransportConfig | Enable to collect the Transport Configuration files from the Server and `Get-TransportConfig` from the org. Files: `EdgeTransport.exe.config`, `MSExchangeFrontEndTransport.exe.config`, `MSExchangeDelivery.exe.config`, and `MSExchangeSubmission.exe.config`
 TransportRoutingTableLogs | Enable to collect the Routing Table Logs. Location: `(Get-TransportService $server).RoutingTableLogPath`, `(Get-FrontendTransportService $server).RoutingTableLogPath`, and `(Get-MailboxTransportService $server).RoutingTableLogPath`
+TransportRules | Enable to collect `Get-TransportRule`.
 WindowsSecurityLogs | Enable to collect the Windows Security Logs. Default Location: `'C:\Windows\System32\WinEvt\Logs\Security.evtx'`
 AllPossibleLogs | Enables the collection of all default logging collection on the Server.
 CollectAllLogsBasedOnLogAge | Boolean to determine if you collect all the logs based off the log's age or all the logs in that directory. Default value `$true`