Up 1 Down 0

Export Office 365 SMTP log

Connect and Export SMTP log:

Param( 
    [Parameter(Position=0, Mandatory=$false)] 
    [string] $TenantAdmin
) 

$OutputFile = "DetailedMessageStats.csv" 

# Get tenant admin account if not provided
if (-not $TenantAdmin) {
    $TenantAdmin = Read-Host -Prompt 'Input the tenant admin account'
}

Write-Host "Connecting to Exchange Online as $TenantAdmin..." 

# Import the Exchange Online Management module
try {
    Import-Module ExchangeOnlineManagement -ErrorAction Stop
} catch {
    Write-Error "Exchange Online Management module not found. Please install it using: Install-Module -Name ExchangeOnlineManagement"
    exit 1
}

# Connect to Exchange Online using modern authentication
try {
    Connect-ExchangeOnline -UserPrincipalName $TenantAdmin -ShowProgress $true
} catch {
    Write-Error "Failed to connect to Exchange Online: $_"
    exit 1
}

Write-Host "Collecting Recipients..." 

# Collect all recipients from Exchange Online 
$Recipients = Get-Recipient -ResultSize Unlimited | Select-Object PrimarySMTPAddress 
$MailTraffic = @{} 

foreach($Recipient in $Recipients) { 
    $MailTraffic[$Recipient.PrimarySMTPAddress.ToLower()] = @{} 
} 

$Recipients = $null 

# Collect Message Tracking Logs using Get-MessageTrace
$Messages = @()
$Page = 1 
$StartDate = (Get-Date).AddDays(-7)
$EndDate = Get-Date

Write-Host "Collecting message traces from $StartDate to $EndDate..."

do { 
    Write-Host "Collecting Message Tracking - Page $Page..." 
    try {
        $CurrMessages = Get-MessageTrace -StartDate $StartDate -EndDate $EndDate -PageSize 5000 -Page $Page | 
            Select-Object Received, SenderAddress, RecipientAddress, FromIP, ToIP, Subject, Status, Size
        
        if ($CurrMessages) {
            # Export current page to individual CSV file
            $CurrMessages | Export-Csv "C:\MessageTrace-Page$Page.csv" -NoTypeInformation
            Write-Host "Exported page $Page with $($CurrMessages.Count) messages"
            
            # Add to main collection
            $Messages += $CurrMessages
        }
    } catch {
        Write-Warning "Error collecting page ${Page}: $_"
        break
    }
    
    $Page++ 
} until ($CurrMessages.Count -eq 0 -or $CurrMessages -eq $null)

Write-Host "Total messages collected: $($Messages.Count)"

# Export all messages to main output file
if ($Messages.Count -gt 0) {
    $Messages | Export-Csv $OutputFile -NoTypeInformation
    Write-Host "All messages exported to $OutputFile"
} else {
    Write-Warning "No messages found for the specified date range"
}

Disconnect from Exchange Online:
try {
    Disconnect-ExchangeOnline -Confirm:$false
    Write-Host "Disconnected from Exchange Online"
} catch {
    Write-Warning "Error disconnecting: $_"
}

NO SLEEP

00:00

Password Generator

↻ Refresh

Most Viewed

Most Recent