Skip to: Site menu | Main content


Log Parser – An amazing free log analyzing tool from MS

I have this remote Web site somewhere, with very limited access.
In terms of visitor/traffic analysis all I have is the ability to download its IIS log files.

So I have basically a computer with logs files – How can I analyze the log file to get some meaningful insight as for visitors and traffic?
Normally, when you have full access to the Web site, you simply install one of hundreds of great free PHP/Perl/ASP log analyzers which become actually a part of the Web server.
But here all I have are text files – How the hell will I analyze them?

I was simply amazed to discover Log Parser . By Microsoft. Yes. Microsoft.

This tool is unbelievable and I’m amazed I’ve never heard about it before.
This free, command-line tool lets you access text-based log files and analyze them as if they were an SQL database.
It’s simply unbelievable, you run the command ‘logparser‘ with the parameter of an actual SQL query.
And while I used it to analyze IIS logs, it can be used to analyze other sources as well.
Think about how cool that is – You have a certain huge CSV text file, and you can simply run SQL queries using this tool!

It’s such a cool tool there’s even an The Unofficial Log Parser Support Site.

I’ve found additional great usage examples here and even some great examples of running security analysis.

Download Log Parser

* Update *
Here are a couple of command line examples I quickly wrote for myself and show how to use Log Parser to get some basic information form the IIS log file:

Total Number of hits per day – Output to comma separated values text file
logparser "SELECT date, COUNT(date) AS Hits FROM ex*.log GROUP BY date ORDER BY date ASC" -o:CSV > hits.csv

All referring URLs – Output to comma separated values text file
logparser "SELECT cs(Referer), COUNT(cs(Referer)) AS Hits FROM ex*.log GROUP BY cs(Referer) ORDER BY COUNT(cs(Referer)) DESC" -o:CSV > ref.csv

Leave a Reply