Logparser

http://www.microsoft.com/en-us/download/details.aspx?id=24659

Logparser 的用法

https://www.cnblogs.com/Jerseyblog/p/3986591.html

利用 C# 去执行 Log Parser
https://www.cnblogs.com/chenleiustc/archive/2009/07/25/1530712.html

IIS log
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken

输出访问的url

C:Program Files (x86)Log Parser 2.2>logparser -i:iisw3c -o:csv "SELECT cs-uri-stem from D:TEMPTEST.LOG" > d: emp est.csv

求出各个页面类型，各种返回结果占总点击数的比重
logparser -i:iisw3c -o:csv "SELECT EXTRACT_EXTENSION(cs-uri-stem) AS PageType, sc-status, MUL(PROPCOUNT(*), 100.0) AS Hits FROM D:TEMPTEST.LOG GROUP BY PageType, sc-status ORDER BY PageType, sc-status" >d: emp est.csv

统计访问url类型
logparser -i:iisw3c -o:csv "SELECT EXTRACT_EXTENSION(cs-uri-stem) as PageType,count(1) from D:TEMPTEST.LOG GROUP BY PageType" > d: emp est.csv

统计访问useragent百分比
logparser -i:iisw3c -o:csv "SELECT DISTINCT cs(USER-AGENT) as IEType,count(1),mul(propcount(*),100) as Pert from D:TEMPTEST.LOG GROUP BY IEType" > d: emp est.csv

利用ODBC导入到数据库
logparser.exe "SELECT TO_LOCALTIME(TO_TIMESTAMP(ADD(TO_STRING(date, 'yyyy-MM-dd '), TO_STRING(time, 'hh:mm:ss')), 'yyyy-MM-dd hh:mm:ss')) AS CreateDate, * FROM D:TEMPTEST.LOG to LOG" -i:IISW3C -o:SQL -oConnString:"Data Source=localhost;Initial Catalog=Test;Integrated Security=True" -createtable:ON

logparser.exe  "SELECT *  FROM D:TEMPTEST.LOG to NginxLog" -i:NCSA -o:SQL -oConnString:"Dsn=iislog32" -createtable:ON

CSV logparser -i:CSV -iHeaderFile:"D:TEMPHEADER.TXT" -headerRow:OFF -o:csv "SELECT sc-status from D:TEMPTEST.CSV" > d: emp est2.csv

logparser -i:CSV -iHeaderFile:"D:TEMPHEADER.TXT" -headerRow:OFF "SELECT * INTO DATAGRID  from D:TEMPTEST.CSV"

NetMonitor

logparser -i:NETMON "SELECT * INTO DATAGRID  from D:TEMPCAPTEST.CAP"

Regedit.msc

LogParser "SELECT TOP 50 * INTO DATAGRID FROM HKLMSYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocols"

into sql server

LogParser "SELECT * INTO MyTable FROM HKLM" -i:REG -o:SQL -server:localhost -database:test -driver:"SQL Server" -username:sa -password:pass -createTable:ON

ODBC logparser.exe "SELECT TO_LOCALTIME(TO_TIMESTAMP(ADD(TO_STRING(date, 'yyyy-MM-dd '), TO_STRING(time, 'hh:mm:ss')), 'yyyy-MM-dd hh:mm:ss')) AS CreateDate, * FROM D:TEMPTEST.LOG to LOG" -i:IISW3C -o:SQL -oConnString:"Data Source=localhost;Initial Catalog=Test;Integrated Security=True" -createtable:ON logparser.exe  "SELECT *  FROM D:TEMPTEST.LOG to NginxLog" -i:NCSA -o:SQL -oConnString:"Dsn=iislog32" -createtable:ON

Not work LogParser "SELECT sc-status, COUNT(*) AS Times INTO Chart.gif FROM D:TEMPTEST.LOG GROUP BY sc-status ORDER BY Times DESC" -chartType:PieExploded3D -chartTitle:"Status Codes"

Not try FROM IIS://MyUsername:MyPassword@COMPUTER01/W3SVC/1

MD5 Hashes of System Files LogParser "SELECT Path, HASHMD5_FILE(Path) FROM C:WindowsSystem32*.exe" -i:FS -recurse:0 Identical Files LogParser "SELECT HASHMD5_FILE(Path) AS Hash, COUNT(*) AS NumberOfCopies FROM C:*.* GROUP BY Hash HAVING NumberOfCopies > 1" -i:FS

Active Directory LogParser "SELECT PropertyValue FROM LDAP://mydomain.mycompany.com WHERE PropertyName = 'comment'" -i:ADS LogParser "SELECT cn, operatingSystem, operatingSystemServicePack FROM LDAP://mydomain.mycompany.com/CN=Computers,DC=mydomain,DC=mycompany,DC=com" -i:ADS -objClass:Computer

LogQuery oLogQuery = new LogQuery();
 IISInputFormat oIISInputFormat = new IISInputFormat();
 string query = @"SELECT COUNT(DISTINCT c-ip) AS hits
                  FROM 'C:WINDOWSsystem32LogfilesW3SVC1ex070820.log'
                  WHERE cs-uri-stem like '%.asp'
                  AND sc-status=200";
 LogRecordSet oRecordSet = oLogQuery.Execute(query, oIISInputFormat);
 if (!oRecordSet.atEnd())
 {
     hits = (int)oRecordSet.getRecord().getValue("hits");
 }
 oRecordSet.close();