zoukankan      html  css  js  c++  java
  • Log Parser分析IIS log的一个简单例子

    命令举例如下:

    C:\Program Files (x86)\Log Parser 2.2>logparser.exe -i:IISW3C "select time-taken as Duration from 'D:\IIS Log Folder\ex100817_6371.log' order by time-taken desc"

    结果返回:

    Duration
    --------
    190971
    154861
    154861
    145783
    124642
    124642
    101876
    99907
    80547
    77563
    Press a key...

    IIS log有如下的列

    #Fields:

    date

    time    

    s-sitename

    s-ip

    cs-method

    cs-uri-stem

    cs-uri-query

    s-port

    cs-username

    c-ip

    cs(User-Agent)

    cs(Referer)

    sc-status

    sc-substatus

    sc-bytes

    cs-bytes

    time-taken

    Example Snip

    =============

    #Software: Microsoft Internet Information Services 7.5
    #Version: 1.0
    #Date: 2011-10-04 06:28:57
    #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
    2011-10-04 06:28:57 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+InfoPath.3;+MS-RTC+LM+8;+.NET4.0C;+.NET4.0E) 401 1 2148074254 26707
    2011-10-04 06:29:09 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+InfoPath.3;+MS-RTC+LM+8;+.NET4.0C;+.NET4.0E) 401 1 2148074254 15

    Formatted Version

    ============

    Date Time Server IP Address Method URI Stem URI Query Server Port User Name Client IP Address User Agent HTTP Status Protocol Substatus Win32 Status Time Taken
    date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
    2011-10-04 06:28:57 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;
    +Windows+NT+6.1;
    +WOW64;+Trident/4.0;
    +SLCC2;+.NET+CLR+2.0.50727;
    +.NET+CLR+3.5.30729;
    +.NET+CLR+3.0.30729;
    +InfoPath.3;+MS
    -
    RTC+LM+8;+.NET4.0C;+.NET4.0E)
    401 1 2148074254 26707

    参考资料:

    http://www.msexchange.org/tutorials/Using-Logparser-Utility-Analyze-ExchangeIIS-Logs.html

    W3C Extended Log File Format (IIS 6.0)

    http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/676400bc-8969-4aa7-851a-9319490a9bbb.mspx?mfr=true

  • 相关阅读:
    【★】IT界8大恐怖预言
    ★互联网告别免费时代,准备好了吗?
    ★互联网告别免费时代,准备好了吗?
    PS小实验-去除水印
    PS小实验-去除水印
    玩转PS路径,轻松画logo!
    玩转PS路径,轻松画logo!
    玩转PS路径,轻松画logo!
    地图收敛心得170405
    地图收敛心得170405
  • 原文地址:https://www.cnblogs.com/awpatp/p/1804428.html
Copyright © 2011-2022 走看看