If you want to search for message delivery information on Exchange Server, you can use Exchange Management Console. Unfortunately, the Tracking Log tool in Exchange Management Console (EMC) doesn’t allow to use wildcard characters when trying to search of mails that has been sent or received from a certain domain. Exchange Management Console can only handle a specific user.
However, by using Get-MessageTrackingLog cmdlet you can resolve this limitation. The Get-MessageTrackingLog cmdlet provides two parameters for specifying sender and recipient email addresses as search criteria.
Examples
Below some examples command of Get-MessageTrackingLog. You need to run this command on Exchange Management Shell
Find emails log from a particular sender in the last hour:
Get-MessageTrackingLog -Sender support@msnoob -Start (Get-Date).AddHours(-1)
Find emails log and filter based on sender domain:
get-messagetrackinglog | where {[string]$_.recipients -like "*@msnoob.com"}
Find all emails log from a particular sender between a certain time period:
get-messagetrackinglog -sender test.domain.com -Start "02/24/2019 09:00:00" -End "02/25/2019 17:00:00" |ft Timestamp, Source, Sender, Recipients, MessageSubject
Find all emails log in specific time period and mails sent to any user under “msnoob.com” domain:
Get-MessageTrackingLog -ResultSize Unlimited -Start "02/24/2019" -End
"02/25/2019" | where {$_.recipients –like "*@msnoob.com"} | select-object Timestamp,SourceContext,Source,EventId,MessageSubject,Sender,{$_.Recipients}
The Get-MessageTrackingLog results are displayed on-screen. You can write the results to a file by piping the output to ConvertTo-Html or ConvertTo-
For Example you want to export the result of emails log from a particular sender in the last hour:
Get-MessageTrackingLog -Sender support@msnoob -Start (Get-Date).AddHours(-1) | export-csv C:tempMessageTrackingLogResults.csv
If you like this article, please share, subscribe or you can follow our Facebook Page and Twitter.
