As more and more people are using the Internet, networking-related problems are also increasing. We can no longer afford using outdated time-consuming ways to repair all these broken hardware. As a result, we need fast and automatic ways to spot errors. If we can develop an automatic diagnose system for the MIS personnel so they can repair potential problems before they make serious harm, we can save great networking-related costs for the business. This research develops a network anomaly diagnosis system using the system log and a rule-based inference mechanism. We collect all user nodes’ anomaly information within the enterprise-wide intranet. This collection of information, combined with the MIS personnel’s repairing logs and system event logs, enable us to create an interactive deductive diagnosis expert system. The end product meets our expectations and also helps MIS personnel to solve questions on time, increase efficiency and reduce their workload.