Log Parser分析IIS log的举例

命令举例如下:

C:\Program Files (x86)\Log Parser 2.2>logparser.exe -i:IISW3C "select time-taken as Duration from 'D:\IIS Log Folder\ex100817_6371.log' order by time-taken desc"

 

结果返回:

Duration
--------
190971
154861
154861
145783
124642
124642
101876
99907
80547
77563
Press a key...

 

image

 

Example Snip

=============

#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2011-10-04 06:28:57
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2011-10-04 06:28:57 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+InfoPath.3;+MS-RTC+LM+8;+.NET4.0C;+.NET4.0E) 401 1 2148074254 26707
2011-10-04 06:29:09 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+InfoPath.3;+MS-RTC+LM+8;+.NET4.0C;+.NET4.0E) 401 1 2148074254 15

 

Formatted Version

============

Date Time Server IP Address Method URI Stem URI Query Server Port User Name Client IP Address User Agent HTTP Status Protocol Substatus Win32 Status Time Taken
date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2011-10-04 06:28:57 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;
+Windows+NT+6.1;
+WOW64;+Trident/4.0;
+SLCC2;+.NET+CLR+2.0.50727;
+.NET+CLR+3.5.30729;
+.NET+CLR+3.0.30729;
+InfoPath.3;+MS
-
RTC+LM+8;+.NET4.0C;+.NET4.0E)		 401 1 2148074254 26707

 

2011-10-07 举例更新

c:\Program Files (x86)\Log Parser 2.2>logparser.exe -i:IISW3C "select time-taken, cs-uri-stem, date, time, s-ip  from 'c:\temp\u_ex111005-2.log' where cs-uri-stem like'%.aspx' order by time-taken desc"

 

参考资料:

http://www.msexchange.org/tutorials/Using-Logparser-Utility-Analyze-ExchangeIIS-Logs.html

W3C Extended Log File Format (IIS 6.0)

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/676400bc-8969-4aa7-851a-9319490a9bbb.mspx?mfr=true

posted on 2011-10-07 09:43  中道学友  阅读(1456)  评论(0编辑  收藏  举报

导航

技术追求准确,态度积极向上