1. Download.
2. Querying IIS:
a) checking what fields can be queried:
"C:\Program Files (x86)\Log Parser 2.2\logparser.exe" -h -i:w3c file.LOG -nskiplines:3
definitions of fields (IIS7)
b) checking number client (source) addresses:
"C:\inetpub\logs\LogFiles\W3SVC1>"C:\Program Files (x86)\Log Parser 2.2\logparser.exe" "SELECT c-ip,count(c-ip) from u_ex160421.log group by c-ip" -i:w3c -rtp:-1
c)checking number client (source) addresses in april 2016
"C:\inetpub\logs\LogFiles\W3SVC1>"C:\Program Files (x86)\Log Parser 2.2\logparser.exe" "SELECT c-ip,count(c-ip) from u_ex1604*.log group by c-ip" -:w3c -rtp:-1
d)checking number client (source) addresses in april 2016 with date
C:\inetpub\logs\LogFiles\W3SVC3>"C:\Program Files (x86)\Log Parser 2.2\logparser.exe" "SELECT date,count(c-ip) from u_ex1604*.log group by date" -i:w3c -rtp:-1
3. Resources:
a) examples
b) extension of logparser
4. Querying exchange logs:
a) checking what fields can be queried:
D:\Microsoft\Exchange Server\V14\TransportRoles\Logs\MessageTracking>"C:\Program Files (x86)\Log Parser 2.2\logparser.exe" -h -i:CSV file.LOG -nskiplines:4
a) checking by connector-id
"C:\Program Files (x86)\Log Parser 2.2\logparser.exe" "SELECT connector-id,Count(*) as Hits from MSGTRK20160102-5.LOG GROUP BY connector-id ORDER BY Hits DESC" -i:CSV -nSkipLines:4 -rtp:-1
No comments:
Post a Comment