Share via

Troubleshoot failed requests using tracing in IIS 7

  • Article

Applies to:Internet Information Services 7.0

Note

This article applies to IIS 7.0. For newer versions, seeTroubleshoot failed requests using tracing in IIS 8.5.

Request-based tracing is available both in stand-alone IIS servers and on Azure web apps and provides a way to determine what exactly is happening with your requests and why, if you can reproduce the problem that you're experiencing. Problems like poor performance on some requests, or authentication-related failures on other requests, or the server 500 error from ASP or ASP.NET can often be difficult to troubleshoot--unless you have captured the trace of the problem when it occurs. This article discusses Failed Request Tracing on IIS Server. For information about doing this with Azure web apps, seeTroubleshoot an app in Azure App Service using Visual Studio.

Failed Request Tracing is designed to buffer the trace events for a request and only flush them to disk if the request fails, where you provide the definition of "failure". If you want to know why you're getting 404.2 error messages or request start hanging, use Failed Request Tracing.

The tasks that are illustrated in this article include:

  • Enabling the Failed Request Tracing module.
  • Configuring Failed Request Tracing log-file semantics.
  • Defining the URL for which to keep failed request traces, including failure definitions and areas to trace.
  • Generating the failure condition and viewing the resulting trace.

Prerequisites

Install IIS

You must install IIS 7 or above before you can perform the tasks in this article. Browse tohttp://localhost/to see if IIS is installed. If IIS isn't installed, seeInstalling IIS on Windows Server 2008for installation instructions. When installing IIS, make sure that you also install the following features:

  • ASP.NET (underWorld Wide Web Services-Application Development Features-ASP.NET)
  • Tracing (underWorld Wide Web Services-Health and Diagnostics-Tracing)

Sign in as administrator

Ensure that the account that you use to log in is the administrator account or is in the Administrators group.

Note

Being in the Administrators group doesn't grant you complete administrator user rights by default. You must run applications as administrator, which you can do by right-clicking on the application icon and selectingRun as administrator.

Make a backup

You must make a backup of the configuration before doing the tasks in the following sections.

To make a backup of the configuration, follow these steps:

  1. SelectStart>All Programs>Accessories.

  2. Right-clickCommand Prompt,and then SelectRun as administrator.

    Screenshot that shows the context menu for Command Prompt, with Run as administrator selected.

  3. In a command prompt, run the following command:

    %windir%\system32\inetsrv\appcmd add backup cleanInstall

Create sample content

  1. Navigate to%systemdrive%\inetpub\wwwroot.

  2. Move the content to a secure location (in case you want to restore the existing content) or delete it.

  3. Create a blank file and name ittest.asp.

  4. In the command prompt, navigate to thetest.aspfile in\inetpub\wwwroot.

  5. In thetest.aspfile, paste the following content:

    <h2>Failed Request Tracing Lab</h2><br>
<br>Today's date is <% response.write(Date()) %>

Disable ASP

ASP must be disabled for this task. ASP is disabled only as an example and for the purposes of the tasks in this article.

To disable ASP

  1. Open Internet Information Services (IIS) Manager.

  2. Double-clickISAPI and CGI Restrictions.

    Screenshot that shows the I I S Manager with I S A P I and C G I Restrictions selected.

  3. SelectActive Server Pages.In theActionspane, selectDenyto disable ASP.

    Screenshot that shows the I S A P I and C G I Restrictions and Actions pane open.

Enable Failed Request Tracing

After you enable Failed Request Tracing, you need to configure where the log files will reside. In this task, you'll enable Failed Request Tracing for the Default Web Site and specify where to put the log files. You'll then configure the failure for which to generate failure logs.

Step 1: Enable Failed Request Tracing for the Site and Configure the Log File Directory

  1. Open a command prompt with administrator user rights, and navigate to%systemdrive%\windows\system32\inetsrv.

  2. Runinetmgrto open IIS Manager.

  3. In theConnectionspane, expand the machine name, expandSites,and then selectDefault Web Site.

  4. In theActionspane, underConfigure,selectFailed Request Tracing.

    Screenshot that shows Failed Request Tracing under Configure.

  5. In theEdit Web Site Failed Request Tracing Settingsdialog box, configure the following:

    • Select theEnablecheckbox.
    • Keep the defaults for the other settings.

    Screenshot that shows the Edit Web Site Failed Request Tracing Settings dialog box, with Enable selected.

  6. SelectOK.

Failed Request Tracing logging is now enabled for the Default Web Site. Check the%windir%\system32\inetsrv\config\applicationHost.config file to confirm that the configuration looks as follows:

<system.applicationHost>
<sites>
<!-- site & app defaults -->
<site name= "Default Web Site" id= "1" >
<!-- other site configuration -->
<traceFailedRequestsLogging enabled= "true" />
</site>
</sites>
</system.applicationHost>

Step 2: Configure your failure definitions

In this step, you'll configure the failure definitions for your URL, including what areas to trace. You'll troubleshoot a 404.2 that is returned by IIS for any requests to extensions that haven't yet been enabled. This helps you determine which particular extensions you'll need to enable.

  1. Open a command prompt with administrator user rights, and navigate to%systemdrive%\windows\system32\inetsrv.

  2. Runinetmgrto open IIS Manager.

  3. In theConnectionspane, expand the machine name, expandSites,and then selectDefault Web Site.

  4. Double-clickFailed Request Tracing Rules.

    Screenshot that shows Default Web Site Home pane, and Failed Request Tracing Rules is selected.

  5. SelectFinish.

  6. In theActionspane, selectAdd.

  7. In theAdd Failed Request Tracing Rulewizard, on theSpecify Content to Tracepage, selectAll content (*).SelectNext.

    Screenshot that shows the Add Failed Request Tracing Rule wizard, with All content selected.

  8. On theDefine Trace Conditionspage, select theStatus code(s)checkbox and enter404.2as the status code to trace.

    Screenshot that shows the Define Trace Conditions page. Status code is selected with 404 dot 2 in the Status code field.

  9. SelectNext.

  10. On theSelect Trace Providerspage, underProviders,select theWWW Servercheckbox. UnderAreas,select theSecuritycheckbox and clear all other checkboxes.

    The problem that you're generating causes a security error trace event to be thrown. In general, authentication and authorization (including ISAPI restriction list issues) problems can be diagnosed by using the WWW Server - Security area configuration for tracing. However, because theFREB.xslstyle sheet helps highlight errors and warnings, you can still use the default configuration to log all events in all areas and providers. UnderVerbosity,selectVerbose.

    Screenshot that shows the Select Trace Providers page. W W W Server is selected under Providers, and Security is selected under Verbose.

  11. SelectFinish.You should see the following definition for theDefault Web Site:

    Screenshot that shows the Failed Request Tracing Rules pane. W W W Server is listed under Associated Providers.

IIS Manager writes the configuration to the%windir%\system32\inetsrv\config\applicationHost.configfile by using a<location>tag. The configuration should look as follows:

<location path= "Default Web Site" >
<system.webServer>
<tracing>
<traceFailedRequests>
<add path= "*" >
<traceAreas>
<add provider= "WWW Server" areas= "Security" verbosity= "Verbose" />
</traceAreas>
<failureDefinitions statusCodes= "404.2" />
</add>
</traceFailedRequests>
</tracing>
</system.webServer>
</location>

Test and view the failure request log file

In this task, you'll generate a failed request and view the resulting trace log. You already configured IIS to capture trace logs forhttp://localhost/*.asprequests that fail with an HTTP response code of 404.2. Now verify that it works.

Step 1: Generate an error and the failure request log file

  1. Open a new Internet Explorer window.

  2. Enter the following address:http://localhost/test.asp.

  3. You get an "HTTP Error 404.2 - Not Found" error.

    Screenshot that shows a web page titled Server Error in Application Default Web Site. Under Error Summary, it says H T T P Error 404 dot 2 Not Found.

Step 2: View the failure request log file

  1. Now that you have generated a failed request, open a command prompt with administrator user rights and navigate to%systemdrive%\inetpub\logs\FailedReqLogFiles\W3SVC1.

  2. Runstartto start an Internet Explorer window from the directory.

    Screenshot that shows Internet Explorer navigating to the W 3 S V C 1 path. Two files are listed, freb and f r 0 0 0 0 0 1.

  3. Notice a few things here: When IIS writes the failed request log file, it writes one file per failed request. Afreb.xslstyle sheet is also written, one per directory. This helps when you view the resulting failure request log files (such asfr000001.xmlin this sample).

  4. Right-click the log file for the 404.2 error, and selectOpen With>Internet Explorer.If this is the first time that you're opening a Failed Request Tracing file, you must addabout:internetto the list of trusted sites, since Internet Explorer's Enhanced Security Configuration is enabled by default. If so, you see the following:

    Screenshot that shows a dialog box for Internet Explorer Enhanced Security Configuration. About colon internet is blocked.

  5. In theInternet Explorerdialog box, selectAdd…to addabout:internetto the list of trusted sites. This allows the XSL to work. You'll see the following after addingabout:internetto the list of trusted sites:

    Screenshot that shows Internet Explorer. The Request Summary tab is selected, and two warnings are listed.

    A summary of the failed request is logged at the top, with theErrors & Warningstable identifying any events that areWARNING,ERROR,orCRITICAL ERRORinSeverity.In this example, theWARNINGseverity level is due to ISAPI RESTRICTION. The image that you tried to load was%windir%\system32\inetsrv\asp.dll.

  6. Open the raw XML file directly by using a text editor, and look at the contents of each event.

Summary

You have completed two tasks: configured Failed Request Tracing to capture traces for any request that IIS returns it with a 404.2 status code, and verified that IIS captured the trace for your request. You also verified that thefreb.xmllog file didn't contain any other requests for the requests that you made because the requests didn't have a 404.2 return code. When you consult the failure log file, you determined that the cause of the failure was that the extension was disabled for that request. You can try other non-HTML pages (like.gif or.jpg files) and note that the log file does NOT add these traces. You can also easily change this to be 404, or capture the failure if the request takes longer than 30 seconds by setting thetimeTakenfield in your failureDefinitions.

Restore your backup

Now that you have completed the tasks in this article, you can restore the backup of the configuration. Run the following command with administrator user rights:

%windir%\system32\inetsrv\appcmd restore backup cleanInstall