demn 发表于 2015-8-16 08:23:53

Log Parser分析IIS log的举例

  命令举例如下:
  C:\Program Files (x86)\Log Parser 2.2>logparser.exe -i:IISW3C "select time-taken as Duration from 'D:\IIS Log Folder\ex100817_6371.log' order by time-taken desc"
  
  结果返回:
     Duration      
--------      
190971      
154861      
154861      
145783      
124642      
124642      
101876      
99907      
80547      
77563      
Press a key...
  

  
  Example Snip
  =============
  #Software: Microsoft Internet Information Services 7.5   
#Version: 1.0   
#Date: 2011-10-04 06:28:57   
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken   
2011-10-04 06:28:57 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+InfoPath.3;+MS-RTC+LM+8;+.NET4.0C;+.NET4.0E) 401 1 2148074254 26707   
2011-10-04 06:29:09 fe80::1587:9a8b:df87:50a%17 GET /_layouts/viewlsts.aspx BaseType=0 80 - fe80::1587:9a8b:df87:50a%17 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+InfoPath.3;+MS-RTC+LM+8;+.NET4.0C;+.NET4.0E) 401 1 2148074254 15
  
  Formatted Version
  ============
          Date      Time      Server IP Address      Method      URI Stem      URI Query      Server Port       User Name      Client IP Address      User Agent      HTTP Status      Protocol Substatus      Win32 Status      Time Taken                date       time       s-ip      cs-method       cs-uri-stem       cs-uri-query       s-port       cs-username       c-ip       cs(User-Agent)      sc-status       sc-substatus       sc-win32-status       time-taken                2011-10-04      06:28:57      fe80::1587:9a8b:df87:50a%17      GET      /_layouts/viewlsts.aspx       BaseType=0      80      -      fe80::1587:9a8b:df87:50a%17      Mozilla/4.0+(compatible;+MSIE+7.0;         
+Windows+NT+6.1;         
+WOW64;+Trident/4.0;         
+SLCC2;+.NET+CLR+2.0.50727;         
+.NET+CLR+3.5.30729;         
+.NET+CLR+3.0.30729;         
+InfoPath.3;+MS         
-         
RTC+LM+8;+.NET4.0C;+.NET4.0E)      401       1      2148074254       26707        
  2011-10-07 举例更新
  c:\Program Files (x86)\Log Parser 2.2>logparser.exe -i:IISW3C "select time-taken, cs-uri-stem, date, time, s-ipfrom 'c:\temp\u_ex111005-2.log' where cs-uri-stem like'%.aspx' order by time-taken desc"
  
  参考资料:
  http://www.msexchange.org/tutorials/Using-Logparser-Utility-Analyze-ExchangeIIS-Logs.html
  W3C Extended Log File Format (IIS 6.0)
  http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/676400bc-8969-4aa7-851a-9319490a9bbb.mspx?mfr=true
页: [1]
查看完整版本: Log Parser分析IIS log的举例