IIS Site Discovery - Prerequisites and Troubleshooting | Online help - EventLog Analyzer

What are the prerequisites for IIS Site Discovery and how to troubleshoot it?

Prerequisites:

  1. Administrator access for the remote IIS Server i.e., the credentials to access IIS Log files and the configuration file location are listed below:
    1. IIS configuration file location: C:\Windows\System32\inetsrv\config\
    2. IIS log files location: C:\inetpub\logs\LogFiles\
  2. SMB v2 should be enabled on EventLog Analyzer and the target machine to perform the IIS Site discovery.
  3. Remote registry service should be running.

Troubleshooting:

  1. Please click on the "Update IIS Server" icon and enter the credentials.
  2. Click on "Verify Credentials" and let us know the status. (Hint: Try importing the log file in the "Import Log Data" tab using the same credential to check if you have access to import)
  3. SMB not enabled/port 445 is blocked. SMBv2 support is available on builds 12030 and above for EventLog Analyzer.
  4. Enable Remote registry service, if it is not running.
  5. Check if the host name resolves, otherwise try pinging the host name from the EventLog Analyzer server to ensure IP Lookup.

                  New to ADSelfService Plus?

                    • Related Articles

                    • What to do if the IIS Site status shows "Failed"?

                      Troubleshooting: Open the server out log file and search for the exception following the line "New Import File Arrived". a. Exception: "File not found" Probable cause(s) and troubleshooting step(s): Log file was not created for the particular day. ...
                    • What to do if the IIS Configuration logs are not collected?

                      Ensure that the configuration log status column is success. If not, click on "Configure" and configure it. Check whether the configured device is enabled. If not, enable the device. Check whether "Microsoft-IIS-Configuration/Operational" is enabled ...
                    • Prerequisites to simulate Ransomware correlation rule in EventLog Analyzer

                      Prerequisites to simulate Ransomware correlation rule in EventLog Analyzer: 1) Ensure to add the target machine inside EventLog Analyzer(Product Configuration): Refer: Adding Windows Devices On adding a windows device, the default monitoring interval ...
                    • How to troubleshoot JVM Memory Error?

                      Stop the ManageEngine EventLog Analyzer service. Navigate to <EventLog Analyzer home>/server/conf. Open the file wrapper.conf. Search for wrapper.java.maxmemory. Change the default value (1024) to wrapper.java.maxmemory=4096. (The value should not ...
                    • What to do if the EventLog Analyzer failed to update the IP's geolocation data due to network issue?

                      This occurs when there is no internet connection on the EventLog Analyzer server or if the creator server is unreachable. Domains/sites to be whitelisted: https://creator.zoho.com https://creatorexport.zoho.com The geolocation feature is used by ...