Here is the official description and download site:
Log parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows operating system such as the Event Log, the Registry, the file system, and Active Directory.
Download: http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en
Some more info about this tool in TechNet ScriptCenter:
Log Parser 2.2: http://www.microsoft.com/technet/scriptcenter/tools/logparser/default.mspx
I borrowed this picture from the blog:
Besides basic SQL queries, another thing you need to know is the fields of ISA logging, here is the official info:
If the command line is too hard for you, there are a couple visual tools – freeware that can do the better job for you:
These two visual tools are very helpful if you are looking at a relatively large query results, like thousands of access records from a 2GB log file. However, both tools have a bug in getting the values of date and time, they add 12:00:00AM in the date field and a date in the time field (LogParser Lizard adds year 0001, and Virsual Logparser adds year 2001), which is not necessary and when exported to Excel, year 0001 will make the time field overflow. I will report this to the author.
P.S. If you need a quick look at the SQL query, here are some reference sites:
That’s almost all I’ve got since last night. Have fun!
