Compliance Item – Cleanup IIS Logs

I know I know, another cleanup IIS log file post… Nash Pherson wanted to know if there was a way to make a CI which would search for all IIS Sites, get the log folder location for each site, and then cleanup the IIS logs. I looked into it and was able to figure it out. I like this process because you set up a CI and a collection and then it’s on auto pilot. You never have to look at it again, assuming the ConfigMgr client is on all your ConfigMgr servers.

Configuration Item

Make up a fun, unique name (I picked IIS Log File Cleanup) and then pick your supported platforms. I have tested this process on Server 2012 and Server 2012 R2, so if you have any Server 2008 systems you’ll want to test it out on them. Select new setting and then make your settings match this:

Discovery Script:

$LogFileCount = 0
$DaysToKeep = -7
try {
    Import-Module WebAdministration
    Get-Website | ForEach-Object { 
        $LogDirectory = $_.LogFile.Directory
        # Expand an environment variable prefix such as %SystemDrive%\ to its real value
        If ($LogDirectory -match "(%.*%)\\") {
            $LogDirectory = $LogDirectory -replace "%(.*%)\\","$(cmd /c echo $matches[0])"
        }
        # Count old logs for every site, including sites whose log path has no variable in it
        $LogFileCount = $LogFileCount + @(Get-ChildItem $LogDirectory -Recurse -Filter "*.log" | Where LastWriteTime -lt ((Get-Date).AddDays($DaysToKeep))).Count
    }
    return $LogFileCount
}
catch { return -1 }

This imports the IIS cmdlets, finds every website, does some fun regex stuff (thanks to this blog for the code to do it) to get the log folder path, and then counts the log files that were last modified more than 7 days ago. You can adjust the 7 days by changing line 2 to negative whatever (another common one would be -14 for 2 weeks). The script will return -1 if there is an error.

Remediation Script

$DaysToKeep = -7
try {
    Import-Module WebAdministration
    Get-Website | ForEach-Object { 
        $LogDirectory = $_.LogFile.Directory
        # Expand an environment variable prefix such as %SystemDrive%\ to its real value
        If ($LogDirectory -match "(%.*%)\\") {
            $LogDirectory = $LogDirectory -replace "%(.*%)\\","$(cmd /c echo $matches[0])"
        }
        # Delete old logs for every site, including sites whose log path has no variable in it
        Get-ChildItem $LogDirectory -Recurse -Filter "*.log" | Where LastWriteTime -lt ((Get-Date).AddDays($DaysToKeep)) | Foreach-Object { Remove-Item $_.FullName -Force }
    }
}
catch {  }

This does the same as the discovery script, except that it deletes the files instead of counting them. If you changed the days variable in the discovery script, make sure to change it in the remediation script also.
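Before turning on remediation, it helps to see exactly which files would be removed and how far back they go. The following read-only report is an added example, not code from the original post; the function name Get-StaleIisLog and its parameters are hypothetical. It expands environment variables in-process instead of calling cmd, and it de-duplicates log directories shared by several sites.

```powershell
# Added example: read-only report of what the remediation script would delete.
# Get-StaleIisLog and its parameter names are hypothetical, not part of the CI.
function Get-StaleIisLog {
    param(
        [Parameter(Mandatory = $true)]
        [AllowEmptyCollection()]
        [string[]] $LogDirectory,   # raw per-site values, may contain %VAR%
        [int] $DaysToKeep = -7      # same negative-days convention as the CI scripts
    )
    $cutoff = (Get-Date).AddDays($DaysToKeep)

    # Expand %SystemDrive% and similar in-process (no cmd.exe), then drop duplicates:
    # sites that share one log root would otherwise be reported more than once.
    $roots = $LogDirectory |
        ForEach-Object { [Environment]::ExpandEnvironmentVariables($_) } |
        Sort-Object -Unique

    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root -PathType Container)) {
            Write-Warning "Log directory not found: $root"
            continue
        }
        $stale = @(Get-ChildItem -LiteralPath $root -Recurse -Filter '*.log' -File |
            Where-Object { $_.LastWriteTime -lt $cutoff })
        $bytes = ($stale | Measure-Object -Property Length -Sum).Sum

        [pscustomobject]@{
            LogDirectory = $root
            StaleFiles   = $stale.Count
            SizeMB       = [math]::Round([double]$bytes / 1MB, 2)
            OldestWrite  = ($stale | Sort-Object LastWriteTime | Select-Object -First 1).LastWriteTime
        }
    }
}

if (Get-Module -ListAvailable -Name WebAdministration) {
    # On an IIS server: use the same per-site value the CI scripts read.
    Import-Module WebAdministration
    Get-StaleIisLog -LogDirectory @(Get-Website | ForEach-Object { $_.LogFile.Directory })
}
else {
    # Constructed sample input (the default IIS log location) for machines without IIS.
    Get-StaleIisLog -LogDirectory '%SystemDrive%\inetpub\logs\LogFiles'
}
```

If OldestWrite reaches further back than your log retention or forwarding covers, copy those files off the server before the baseline remediates.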

Compliance Rules

Compliance should be set to this:

Then Next, Next, Finish.

Configuration Baseline

This one is simple. Simply create the baseline and then add the CI you just created. After it is created you can deploy it to a collection with all your ConfigMgr servers that have IIS. Make sure you select to Remediate and Remediate outside of maintenance windows if you want to do that.

Here is a query you can use on a collection to find all those servers which are ConfigMgr and have IIS installed:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client
from SMS_R_System
inner join SMS_G_System_SERVER_FEATURE on SMS_G_System_SERVER_FEATURE.ResourceId = SMS_R_System.ResourceId
where SMS_G_System_SERVER_FEATURE.Name like "IIS%"
AND ResourceNames[0] In (Select Distinct ServerName FROM SMS_SystemResourceList)

And that’s it! Now your IIS cleanup for ConfigMgr servers is on auto pilot.
