Wardlaw Claims Service Company Blog: A Brief Introduction to Microsoft's Log Parser Tool

Microsoft provides the Log Parser tool free of charge. This tool can be used to extract data from a variety of sources including IIS log files, the Windows event log, and Active Directory. It can then transform the log data into another format such as XML or CSV or export the data to a database table. Users can limit the data they want to retrieve by using SQL queries. I will provide a quick example that selects and displays data from an IIS log file.

The first step to using the Log Parser tool is to download and install it. You can find the installation file here: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en.

After installing Log Parser open the command prompt and navigate the the directory where the LogParser.exe file was installed. On my instance of Windows XP the tool was installed at C:\Program Files\Log Parser 2.2. I have a local instance of IIS running a web site and I want to see what requests it has logged today. I execute the command below.

LogParser -i:IISW3C -o:DATAGRID "SELECT time, cs-method, cs-uri-stem FROM 'C:\WINDOWS\system32\Logfiles\W3SVC1\ex100924.log'"

The -i argument indicates the input format. In this case the W3C log file format used by IIS. The -o parameter indicates the output format. In this case a datagrid. The final argument is my query. I have specified the fields I want returned in the SELECT clause and in the FROM clause I have provided the path to the log file I want to examine. If I wanted to retrieve data from multiple log files I would use an asterisk as a wildcard character. To get all log files in the directory I would use:

'C:\WINDOWS\system32\Logfiles\W3SVC1\*.log'

You will also note that I have enclosed the path in single quotes since it contains spaces.

Here is a screen shot of the output.