Log Parser Meta Resource Site (Last Updated: Jul 09, 2021)
Welcome to the wonderful, niche world of the free command-line tool, Microsoft LogParser (or "Log parser", as it's formally known). Whether you're new to it or an old hand, I've been keeping and curating this list of resources for years, to help folks make the most of this ancient but still-valuable tool. All the resources below have been confirmed as being accessible as of July 2021. I welcome additions/corrections. Reach out to me.
If you're new to the tool, here's a brief paragraph from the MS download site that just scratches the surface of its many powers. See below for many more resources that can take you down the rabbit hole of amazing things you can do with LP:
Log parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows® operating system such as the Event Log, the Registry, the file system, and Active Directory®.
Available sections:
- Fundamental Log Parser Resources
- Log Parser GUIs
- Learning More about Log Parser (articles and blog entries)
- Other Log Parser Resource Lists
- Bloggers writing a lot about Log Parser
- My Own Log Parser Resources
Fundamental Log Parser Resources
- Download the Log Parser tool, free from Microsoft (also available via Chocolatey)
- Don't miss/dismiss the help available after installing the tool. It has tremendously valuable information. Here is a web-based version of that help (thanks to Documentation.help)
- A several-page overview from Microsoft
- Logparser Forums (active content as of a check in July 2021)
- Microsoft Log Parser Toolkit, great book, available at Amazon, new and used (though like the tool itself, not updated in several years, but still so valuable)
Log Parser GUIs
There are some available GUIs which can help process LP commands:
- Log Parser Studio, free, from Microsoft (via Chocolatey)
- Log Parser Lizard, free and paid, from Lizard Labs
- Visual Log Parser, open source (also here)
Learning More about Log Parser (articles and blog entries)
I've found many more resources since I wrote the article above. Don't worry if some are a few years old. The Log Parser tool hasn't really changed much since 2003. That's ok, though. It does what it does well. Similarly, some of them focus on using it with things like ASP.NET, or MS Exchange, etc. Don't dismiss the articles, though. They may still discuss a feature that could benefit you.
- How Log Parser 2.2 Works
- Log Parser Rocks! More than 50 Examples!
- Troubleshooting IIS Performance Issues or Application Errors using LogParser
- Log Parser tutorial: learn to parse many input formats
- LogParser EVTX Adventures (from 2019)
- Analyzing Web Stats with Log Parser
- Jeff Atwood (Coding Horror)'s take on Log Parser
- Linux Lore: HOWTO use microsoft's logparser to analyze IIS logs with example sql/code
- Forensic Log Parsing with Microsoft's LogParser
- Fun with Log Parser (and related posts)
- Log Parser and ASP.NET (also here)
- Using the Logparser Utility to Analyze Exchange/IIS Logs
- Analyzing IIS Log files using Log Parser - Part 1
- LogParser scripts for various occasions...
- LogParser did it again: application pool recycle (nice use of LP against Event Viewer, and use of quantize)
- Charting with LogParser (as this discusses, you need to install the Office Web Components on the machine running LP. But keep in mind that you can run LP from one machine against the logs on another.)
- LogParser, Event Logs, and Vista (how you need to convert Event files in Vista/2k8 to a copy in the older Event Log format to read in LP)
- Anatomy of a SQL Injection Incident, Part 2: Meat (his part 1 did not use LP)
- Analyzing Denial of Service Attacks
- Post-processing and Viewing IIS Request-Based Tracing Data (IIS 6.0)
- How To: IIS and Log Parser 2.2
- Brian Maloney's SIRT DIFR query (SIRT: Security Intelligence and Response Team, DIFR: digital forensics and incident response)
- Data Mining URLScan 3.x Logs using LogParser 2.2
- Monitoring IIS Web Server with Logparser and the RRDtool
Other Log Parser Resource Lists
- Log Parser Plus, another meta resource site, with links to examples, articles, references
- Lizard Labs, the lower portion of this page about the LogParser Lizard tool does have a section pointing to many other LP resources
Bloggers writing a lot about Log Parser
- CloudNotes (formerly "Never Doubt Thy Debugger") Log Parser blog entries
- James Skemp's StrivingLife Log Parser blog entries
- GlueGood's Log Parser blog entries, mostly about freely offered VBScript logparser utilities
My Own Log Parser Resources
My own personal interest in working with LP started with (and remains focused on) doing troubleshooting and log analysis related to Adobe ColdFusion and the FusionReactor monitor tool. Following are some resources I'd created years ago, but which may still benefit their original audience.
- The best starting resource for a CF developer to get familiar with Log Parser may be my October 2006 CFDJ article, "Monitoring Your CF Environment with the Free Log Parser Toolkit".
- Users of FusionReactor may want to check out this page of LP commands I created (albeit from the FR3 timeframe), and which others added to: Using Log Parser with FR