IAS Log Viewer

In this post I will demonstrate module for parsing IAS/NPS logs in PowerShell. When we troubleshoot IAS/NPS authentication failure we are referenced to logs first. These logs are located in C:\Windows\System32\LogFiles\ with prefix “IN” at IAS/NPS server. Log records are confusingly formatted and we need to reference to technet post in order to understand log record.

Example log record: "CLIENTCOMP","IAS",03/07/2008,13:04:33,1,"client",,,,,,,,,9,"10.10.10.10","npsclient",,,,,,,1,,0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

For less than 10 users who authenticate to IAS/NPS it may not be a problem to reference to technet site, but if you have big environment, with about thousand users or so, which authenticate to IAS/NPS, it will be almost impossible to refer to technet post. However, I wrote PowerShell module to solve that problem. Module is simple to use and it’s only supported for .NET Framework 4.5 When you download PowerShell module you’ll have to import module like shown on image below.

After importing module we can use cmdlet Get-IASLog. We can use filter where all IAS/NPS attributes are supported. If you use filter with *, module will list all records from the log file.

You can specify attribute with value in filter as shown on image below.

If you want to contact me and give me suggestions about this or anything else, you can set parameter –AboutMe.

And If you think I deserve a beer you can use parameter –BuyMeABeer . I will write modules for other Microsoft platforms too and you will see them soon.