Using Log Parser

Blogger : Geekswithblogs.net
All posts : All posts by Geekswithblogs.net
Category : XML
Blogged date : 2007 Nov 17

I recently needed to do a little analysis of some of our BizTalk implementations and needed to get some information from the IIS logs to help me. I read a little about the Log Parser tool and this post will provide a little about how it helped.

Log Parser is a tool which allows you to use a SQL like syntax to parse various types of log files. This can be very useful when looking at a BizTalk environment and you want to be able to interogate a significant amount of logging information. Log Parser van be used to analyse things such as XML files, CSV files, Event Log, IIS Logs, Registry, File system, Active Directory and more.

Log Parser is available from the following location: Log Parser 2.2: http://www.iis.net/downloads/default.aspx?tabid=34&i=1287&g=6

Parsing IIS Logs

The following article provides information about parsing IIS logs: http://www.securityfocus.com/infocus/1712

The following queries are useful with Log Parser for the IIS logs

(Note most of these will have a date parameter)

List all non successful responses
The following query allowed be to search all log files in the directory and find all records which were not a result or 200 or 202. These could be output to a results file.

C:\Program Files\Log Parser 2.2>logparser "SELECT date, time, cs-method, sc-stat
us, sc-win32-status, cs-uri-stem, cs-username INTO c:\LogParserResults.txt FROM C:\WINDOWS\system32\LogFiles\W3SVC1\ex*.log WHERE ((sc-status<>200 and sc-status <> 202) or sc-win32-status<>0) and date='2007-10-22'" -rtp:-1

Aggregate non successful responses
The following query allowed me to find out how many records there were on a given date which had an error.

C:\Program Files\Log Parser 2.2>logparser "SELECT count(sc-status) as NoOccuranc
es, sc-status, sc-win32-status, cs-uri-stem INTO c:\LogParserResults.txt FROM C:\WINDOWS\system32\LogFiles\W3SVC1\ex*.log WHERE ((sc-status<>200 and sc-status <> 202) or sc-win32-status<>0) and date='2007-10-22' Group By sc-win32-status, cs-uri-stem, sc-status" -rtp:-1

Time Taken
The following query allowed me to order all of the records on a given day and order them by the duration they took
C:\Program Files\Log Parser 2.2>logparser "SELECT date, time, time-taken, cs-uri
-stem INTO c:\LogParserResults.txt FROM C:\WINDOWS\system32\LogFiles\W3SVC1\ex*.log WHERE date='2007-10-22' Order By time-taken DESC" -rtp:-1

Log Parser can be very useful and i would definately recommend taking a look at it

Read comments or post a reply to : Using Log Parser

CONTENTS

Page 5297 of 18325

Newest posts



	Recent Jobs Integration Specialist Needed - Work Fro Virtualization Server Infrastructure Arc A great opportunity to Digital Video Eng here is a greate opportunity as a SMS En A great opportunity as a Network Enginee View all Jobs (Add yours) View all CV (Add yours)
	Information Online
	swimming pool builder chicago web site design spfxmasks Cheap Web Hosting conference calling Gucci sunglasses answering service
	Partners Dream.In.Code dotNet Slackers dotNet Spider Your HTML Source VisualBuilder.com DevGuru Planet Source Code ZVON.ORG Web Design ASPAlliance XML Pitstop Scripts The Spot 4 SAP Bitshop Web Hosting

Email TopXML