Chapter 11: Text-based Logs

Locate and find evidence in Windows IIS 7.5 logs.

Windows servers running the IIS web server create extremely detailed logs, and logging is enabled by default. Usually these servers are on the Internet and available to the public at large. Sometimes they are on intranets or private networks, serving a limited clientele. These intranet servers aren’t usually as well secured as their public counterparts and are often targeted when private networks are compromised. Regardless of whether a server is public or private, its logs often contain valuable information for the network investigator.
Master It: Where are IIS logs stored? In which format are they stored by default? When you see a time in the default ...

Get Mastering Windows Network Forensics and Investigation, 2nd Edition now with the O’Reilly learning platform.
