Understanding IIS 7 log files

Question

I'm trying to debug a 405 error that is occurring in an ASP.NET 4.0 website with a jQuery AJAX post, and I've got the following from an IIS log file.

2012-07-02 15:15:37 XXX.XX.XX.XXX POST /AjaxWebMethods.aspx/TestWebMethod - 443 - XXX.XX.XX.XX Mozilla/5.0+(Windows+NT+5.1;+rv:13.0)+Gecko/20100101+Firefox/13.0.1 405 0 0 218

My question: what does the 405 0 0 218 at the end of the log signify? I'm assuming that the 405 portion is the client error number, but what are the 3 remaining numbers?

Answer 1

Take a look at the top of your log file and you'll see something like this:

 #Software: Microsoft Internet Information Services 7.5 #Version: 1.0 #Date: 2011-04-13 19:02:34 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken 

The #Fields row will tell you what each value represents. In your case, and presuming you're running with the default log settings, the values would be:

 sc-status  sc-substatus   sc-win32status  time-taken ==================================================== 405        0              0               218 

• sc-status - is the major part of the HTTP status code
• sc-substatus - is the sub status e.g. for a 503.19 HTTP status it would be the 19 part
• sc-win32status - is a Windows system error code
• time-taken - is the time taken to send the response in milliseconds

If you're getting non-zero values for sc-win32status you can use:

NET HELPMSG <sc-win32status value>

...to find out that that status code maps to.

If a field doesn't have a value in the log file then the missing value is shown as a hyphen -.