Analysing Exchange (2013) Message Tracking Logs using NXLog & ELK (ElasticSearch, Logstash, Kibana)

Introduction Exchange 2013 maintains a detailed record of messages sent between the transport services within an Exchange organization via message tracking logs. The default location for these logs is; C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\MessageTracking. Exchange generates 3 main log files (there is a 4th, but…