5.2 Ensure Advanced IIS logging is enabled

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


IIS Advanced Logging is a module which provides flexibility in logging requests and client data. It provides controls that allow businesses to specify what fields are important, easily add additional fields, and provide policies pertaining to log file rollover and Request Filtering. HTTP request/response headers, server variables, and client-side fields can be easily logged with minor configuration in the IIS management console.
Many of the fields available in Advanced Logging many can provide extensive, real-time data and details not otherwise obtainable. Developers and security professionals can use this information to identify and remediate application vulnerabilities/attack patterns.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


IIS Advanced Logging can be configured for servers, Web sites, and directories in IIS Manager. To enable Advanced Logging using the UI:
1. Open Internet Information Services (IIS) Manager
2. Click the server in the Connections pane
3. Double-click the Logging icon on the Home page
4. Click Select Fields
The fields that will be logged need to be configured using the Add or Edit Fields button.
Note: There may be performance considerations depending on the extent of the configuration.
Default Value:
IIS Advanced Logging is enabled by default.

See Also