How to detect IIS requests by logged in users only?

Question

I'm planning to get some information by processing IIS Log files (after I imported them into SQL Server database).

Now, when user requests for a file that exists on server, even with incorrect credentials, two things happen:

1. This request is rejected

2. This bad request is logged, and I cannot detect whether the user has received the file, or not?

I want to process only requests with correct credentials that are responsed without error.

I use Windows authentication mode.

Answer 1

In the IIS logs, there is a field called "sc-status" which would show 200 for a successful response, and 401.x if the user is unauthorized.