What is the best IIS tracing tool you have used?

I have spent majority of my career using and troubleshooting IIS Web Server. According to me the best thing happened to a Web admin is FRT (Failed Request Tracing) in IIS 7.0.

I have used Event Tracing for Windows as well and FRT is as much helpful.

Is there any such tracing tool which can give such good in-depth and greater understanding on request flow through the pipeline?


Update: I use Event Tracing for Windows, if I want to troubleshoot an issue like say "Users are getting prompted when trying to access Anonymous Authenticated Web site". ETW gives details on how each ISAPI treated the request or What Authentication happened for every single request a User makes.

In Windows Server 2003, you can use logman to query for build-in providers which you can use to trace. I use the following providers, you are free to add your own for specific tracing:

{DD5EF90A-6398-47A4-AD34-4DCECDEF795F} 0xFFFFFFFF 0x5 # HTTP Service Trace                       
{DC1271C2-A0AF-400F-850C-4E42FE16BE1C} 0xFFFFFFFF 0x5 # IIS: IISADMIN Global
{D55D3BC9-CBA9-44DF-827E-132D3A4596C2} 0xFFFFFFFF 0x5 # IIS: WWW Global
{1FBECC45-C060-4E7C-8A0E-0DBD6116181B} 0xFFFFFFFF 0x5 # IIS: SSL Filter
{3B7B0B4B-4B01-44B4-A95E-3C755719AEBF} 0xFFFFFFFF 0x5 # IIS: Request Monitor
{3A2A4E84-4C21-4981-AE10-3FDA0D9B0F83} 0xFFFFFFFE 0x5 # IIS: WWW Server
{A1C2040E-8840-4C31-BA11-9871031A19EA} 0xFFFFFFFF 0x5 # IIS: WWW Isapi Extension
{06B94D9A-B15E-456E-A4EF-37C984A2CB4B} 0xFFFFFFFF 0x5 # IIS: Active Server Pages (ASP)
{AFF081FE-0247-4275-9C4E-021F3DC1DA35} 0xFFFFFFFF 0x5 # ASP.NET Events
{e13c0d23-ccbc-4e12-931b-d9cc2eee27e4} 0xFFFFFFFF 0x5 # .NET Common Language Runtime             
{C92CF544-91B3-4dc0-8E11-C580339A0BF8} 0xFFFFFFFF 0x5 # NTLM Security Protocol
{bba3add2-c229-4cdb-ae2b-57eb6966b0c4} 0xFFFFFFFF 0x5 # Active Directory: Kerberos
{f33959b4-dbec-11d2-895b-00c04f79ab69} 0xFFFFFFFF 0x5 # Active Directory: NetLogon
{cc85922f-db41-11d2-9244-006008269001} 0xFFFFFFFF 0x5 # Local Security Authority (LSA)
{8e598056-8993-11d2-819e-0000f875a064} 0xFFFFFFFF 0x5 # Active Directory: SAM

Save this text in a file named iis.guid and the use couple of batch file to start and stop tracing.
StartTracing.cmd:

logman start Iis6.Trace -pf iis.guid -ets -ct perf

StopTracing.cmd:

logman stop Iis6.Trace -ets

You can then use LogParser tool to parse the .etl file.

cscript DumpTraceReqs.js c:\EtwTracing\Iis6.Trace.etl > c:\EtwTracing\logfile.txt

Now, reading this logfile.txt is easy and gives detailed information.

I have also used

  1. Dbgview.exe from http://live.sysinternals.com/ in IIS 5.0.
  2. Process Monitor from http://live.sysinternals.com/
  3. Failed Request Tracing for tracing in IIS 7 / 7.5

I wonder if there are any more we can use..