Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Open Event Viewer eventvwr.msc > Expand Application and Service Security ID of Account (SID)
Log > Microsoft > Windows > IIS-Configuration > Right click Path to configuration
Operational > Choose Properties > Click Enable logging > Set
Old value
Maximum log size to 299968KB > Select Overwrite events as needed >
OK New value
Repeat same steps for Application and Service Log > Microsoft >
Windows > IIS-Configuration > Administrative log Will it Affect Servers
Performance?
Review Configuration History Settings
No. IIS configuration auditing uses
On IIS server run in command shell with administrative privileges: native Windows subsystem which is
cd %windir%\system32\inetsrv capable of handling thousands of
Appcmd list config /section:configHistory /config:* events per second without any
noticeable CPU overhead
By default 10 configuration backups are kept. You can modify
settings:
Appcmd set config /section:configHistory -maxHistories:15 Restore Configuration
from Backup
Review Auditing Events Commands:
Check Operational and Administrative event logs through Event Appcmd list backups
Viewer. Note: manual changes to the configuration store are not
audited. For example if someone modifies ApplicationHost.config shows list of stored backups
with Notepad it wont be recorded to audit logs. Also if someone uses Appcmd restore backup
Appcmd to modify IIS configuration you will see auditing entry, but restores configuration
PID wont be a valid one.