Hi All,
As a Microsoft Exchange Administrator, I often get requests to find information regarding emails that have been sent, received, or stuck. Basically, I need to find out what is happening with the mail flow within the Exchange environment.
So today, we will be making use MessageTrackingLog to get that information for us using Exchange Management Shell.
Microsoft provides the Message Tracking tools to be able to do this from the Exchange Management Console in Exchange 2010 as well, but I am more comfortable using the Shell.
Let's assume that you have got an request from a client stating that you need to provide information regarding the emails sent between a time period with a specific subject line.
In our case, let us say that the Subject line of the Email is "Important information needed" and the time period is 16th June 10:00 AM to 2:30 PM.
Get-TransportServer | Get-MessageTrackingLog -ResultSize Unlimited -Start 16/06/2015 10:00:00 -End 16/06/2015 14:30:00 -MessageSubject "Important information needed" | select TimeStamp, MessageSubject, Sender, @{Name='Recipients';
Let us see what we are doing here. At first, we are using the cmdlet Get-TransportServer, you will using this if you are not using the Exchange Management on the Hub Transport Server as you all the mail flow happens with the help of the Hub Transport Server. If you are running this command from the Hub Transport, then you don't need to add this cmdlet.
Next we are using Get-MessageTrackingLog which is actual meat of this article. This cmdlet takes parameters like Start, End, MessageSubject and a lot more, which you can find in the above link.
After this, we were selecting the information that we want to output using the select cmdlet like TimeStamp, Sender email address, recipient email address.
Notice the section where we use the below.
@{Name='Recipients`;
The reason we use this is that at times you will have multiple recipient emails separated by a semi-colon, this will help us present the output in a neat manner.
I have written a very handy which you can use in your environment by just providing the Start Date, End Date, Email Subject, and the path where you want to store the csv file as an output.
$StartDate = Read-Host "Kindly provide the Start date in the 24 hour format MM/DD/YYYY HH:MM:SS"
$EndDate = Read-Host "Kindly provide the End date in the 24 hour format MM/DD/YYYY HH:MM:SS"
$MessageSubject = Read-Host "Kindly provide the subject line of the Email"
$SaveAs = Read-Host "Provide the path that you to the save the file to along with the File Name"
Get-TransportServer | Get-MessageTrackingLog -ResultSize Unlimited -Start $StartDate -End $EndDate -MessageSubject $MessageSubject | select TimeStamp, MessageSubject, Sender, @{Name='Recipients';Expression={[string]::join(";", ($_.recipients))}} | Export-Csv "$SaveAs"-NoType
That's all I have for today, happy scripting!
I hope you find this informative and thank you for reading!
4 Comments
Very interesting. If there are any Exchange Administrators out there that would rather not use scripting, we have a utility that has been used by Exchange Administrators for 13 years to quickly and easily search EDB’s and do granular email recoveries. Check out Ontrack Power Controls.
http://www.krollontrack.com/information-management/email-management-for-exchange/
Interesting! Will give it a spin if I find some time.
You’re missing a single quote in there my man
Fixed.