Exchange Log Collector Script


A while ago I created the “CollectLogsScript” (see my old A better way to collect logs from your Exchange servers blog post) which I have since rebranded to “ExchangeLogCollector”. Seeing that this has proven popular, I have continued to make some major improvements to the script over the years. The script was recently moved over to GitHub to allow people to know and understand what changes I have made so there are no surprises - those of you wanting to see the changes/commits in the branch of code can do so by clicking here. Moving to GitHub also allows the option for someone else to submit issues that they are running into so that they can be addressed. For those looking simply to download the latest version of the script, go here and download the latest script.

A recent major improvement that I have made was to enable remote collection from other Exchange servers. This allows the data collection to be done with even more ease and with less admin overhead to collect the data required. This is only able to be done on machines that will allow you to run Invoke-Command remotely against them. From my testing thus far, it appears that machines running on Windows 2008 R2 are not able to do this functionality. If a server fails remote collection, you will still be able to run the script locally on the server without any issues.

When running this script, you’ll always want to be run it from a server that you want to also collect data from or some data will be missing from the data collection – the script will not run properly against a tools machine. Here is what it looks like when you run the script now.

I have added a disclaimer because this script can collect large amounts of data - if you aren’t careful, you can fill up a drive on the server. I still have the logical check to make sure there are at least 15GB free on the specified drive which should be enough in most circumstances – there will always be some variables in play here, but the 15GB free space check is expected to be sufficient. In past versions of the script, I did have a DiskCheckOverride switch that you could use to skip over the check for the disk space, however, with this current version of having the remote option I don’t have that in place till I have some advanced logic in place to allow near zero chance of any drives filling up.

After you have agreed to the disclaimer, the script checks to make sure the servers in the list are up and able to be collected from remotely. Then we do the disk free space check and proceed to collect any Exchange-specific cmdlets as you can’t run Exchange cmdlets within Invoke-Command. If any server fails one of these tests, it will remove them from the list. You will need to collect from any listed servers manually.

After everything has executed locally that we need to, we then send the Invoke-Command to all the servers in the list. You will start to see something like in the image below where we are collecting and zipping up the selected data.

Once we are done collecting data from all the servers, we will proceed to check the actual size of the zipped file from every server and verify we have enough space free to copy the data to the local server. This way, it will be even easier to collect and upload the data.

With the new features that I have added to the script hopefully this makes data collection from an Exchange environment even easier than before. This major improvement moving forward should make it easier for admins to collect data from multiple servers with little to no hassle. This makes all of our jobs easier – ensuring that we collect all the data we need when we need to collect it to resolve issues!

David Paulson

Skip to main content