Log parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows® operating system such as the Event Log, the Registry, the file system, and Active Directory®.
We primarily use it for that analysis of IIS logs but could use it for any thing including our log4net logs.
Log Parser is a command line utility
To make it easier to work with, Microsoft developed a GUI for Log Parser. It is called Log Parser Studio.
Log Parser Studio needs access to the log files. Since log files are produced and stored on the web server, you either need to install Log Parser Studio on the web server or download logs to your workstation.
- Open Log Parser Studio
- You will see a library of recipe queries. Scroll down to see the IIS queries.
- Double click on the name of a query. e.g. “IIS: HTTP Status Codes by Count”
- Click the folder open button (mustard color) in the toolbar
- Choose the folder where IIS logs are located
- Select files/folders
- Click the execute button (red exclamation) to run the query.
- Results will be displayed and can be exported
As you can see from the queries in the library the query language is SQL based. Experiment with writing your own queries to get the information that you need just like you would in SQL. As you would in SQL, just start by doing an exploratory query.
SELECT top 10 * FROM ‘[LOGFILEPATH]’
Then start experimenting.
Google for other examples. Chances are somebody on the Internet has already written the query that you need.