Geeks With Blogs

Michael Stephenson keeping your feet on premise while your heads in the cloud

I recently needed to do a little analysis of some of our BizTalk implementations and needed to get some information from the IIS logs to help me.  I read a little about the Log Parser tool and this post will provide a little about how it helped.

Log Parser is a tool which allows you to use a SQL-like syntax to parse various types of log files.  This can be very useful when looking at a BizTalk environment and you want to be able to interrogate a significant amount of logging information.  Log Parser can be used to analyse things such as XML files, CSV files, Event Log, IIS Logs, Registry, File system, Active Directory and more.

Log Parser is available from the following location: Log Parser 2.2: http://www.iis.net/downloads/default.aspx?tabid=34&i=1287&g=6

Parsing IIS Logs

The following article provides information about parsing IIS logs: http://www.securityfocus.com/infocus/1712


The following queries are useful with Log Parser for the IIS logs.

(Note: most of these will have a date parameter.)
 
List all non successful responses
The following query allowed me to search all log files in the directory and find all records which were not a result of 200 or 202.  These could be output to a results file.

C:\Program Files\Log Parser 2.2>logparser "SELECT date, time, cs-method, sc-status, sc-win32-status, cs-uri-stem, cs-username INTO c:\LogParserResults.txt FROM C:\WINDOWS\system32\LogFiles\W3SVC1\ex*.log WHERE ((sc-status<>200 and sc-status <> 202) or sc-win32-status<>0) and date='2007-10-22'" -rtp:-1
 
Aggregate non successful responses
The following query allowed me to find out how many records there were on a given date which had an error.

C:\Program Files\Log Parser 2.2>logparser "SELECT count(sc-status) as NoOccurances,  sc-status, sc-win32-status, cs-uri-stem INTO c:\LogParserResults.txt FROM C:\WINDOWS\system32\LogFiles\W3SVC1\ex*.log WHERE ((sc-status<>200 and sc-status <> 202) or sc-win32-status<>0)   and date='2007-10-22' Group By sc-win32-status, cs-uri-stem, sc-status" -rtp:-1
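
The same filter and grouping as the aggregate query above, as an added Python example (not part of the original post) for analysing a copied log on a machine without Log Parser. The sample log lines are constructed and the function names are hypothetical.

```python
from collections import Counter

# Constructed sample in IIS W3C extended format (not from a real server).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time cs-method cs-uri-stem cs-username sc-status sc-win32-status time-taken
2007-10-22 09:00:01 POST /Orders/Submit.asmx - 200 0 120
2007-10-22 09:00:05 POST /Orders/Submit.asmx - 500 0 4310
2007-10-22 09:00:09 POST /Orders/Submit.asmx - 500 0 3977
2007-10-22 09:01:12 GET /Orders/Status.aspx CONTOSO\\svc_bts 401 5 15
2007-10-22 09:02:40 POST /Orders/Submit.asmx - 202 0 88
2007-10-22 09:03:02 POST /Orders/Submit.asmx - 200 64 30011
2007-10-23 00:00:03 GET /Orders/Status.aspx - 404 2 12
"""

REQUIRED = {"date", "sc-status", "sc-win32-status", "cs-uri-stem"}

def parse_w3c(lines):
    """Yield one dict per request, keyed by the most recent #Fields: directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            # The header can repeat mid-file (e.g. after a service restart).
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):  # skip truncated or corrupt rows
                yield dict(zip(fields, values))

def is_failure(rec):
    # Same predicate as the WHERE clause in the post's queries.
    return rec["sc-status"] not in ("200", "202") or rec["sc-win32-status"] != "0"

def aggregate_failures(lines, date):
    """Count failures per (sc-status, sc-win32-status, cs-uri-stem) for one date."""
    counts = Counter()
    for rec in parse_w3c(lines):
        if not REQUIRED.issubset(rec):
            continue  # this log was not configured to record the needed fields
        if rec["date"] == date and is_failure(rec):
            counts[(rec["sc-status"], rec["sc-win32-status"], rec["cs-uri-stem"])] += 1
    return counts.most_common()

if __name__ == "__main__":
    for key, n in aggregate_failures(SAMPLE_LOG.splitlines(), "2007-10-22"):
        print(n, *key)
```

The constructed row with HTTP 200 and a non-zero sc-win32-status is only caught because the filter checks both columns, which is why the queries in this post include the sc-win32-status clause.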
 
 
Time Taken
The following query allowed me to take all of the records on a given day and order them by the duration they took.

C:\Program Files\Log Parser 2.2>logparser "SELECT date, time, time-taken, cs-uri-stem INTO c:\LogParserResults.txt FROM C:\WINDOWS\system32\LogFiles\W3SVC1\ex*.log WHERE date='2007-10-22' Order By time-taken DESC" -rtp:-1

Log Parser can be very useful and I would definitely recommend taking a look at it.

 

 

Disclaimer

I have noticed a few sites that seem to copy the content of blog articles and display them in their own site.  It is a bit annoying that they do not clearly reference or acknowledge the author so I have decided to put this note on the bottom of all of my posts from now so it is clear who wrote it.

This article was written by: Michael Stephenson

The source of this article is: http://www.geekswithblogs.net/michaelstephenson

Posted on Saturday, November 17, 2007 9:12 PM




Copyright © Michael Stephenson | Powered by: GeeksWithBlogs.net