This is another post that I write with much enthusiasm and excitement. Recently, I was in search of a versatile log analyzer. In the past, I have used AWSTATS for analysis if IIS logs. In this instance, my needs involved the analysis of ISA log files. AWSTATS is an excellent open-source Web and E-Mail log analyzer (that I highly recommend, and often do), but it just didn’t give me what I was looking for when it came to ISA logs.

My journey through the Internet, via Google, in search of an ISA log analyzer ensued. I read through many feature lists and articles, viewed a number of screenshots, for various programs that were capable of processing ISA logs. Then it happened. I stumbled across one of the most flexible, free forming analyzers I had come across. This program also has the feature of being absolutely FREE. The program I am talking about is Microsoft’s Log Parser. Yes, Microsoft does have those hidden GEMS that are free.

At first glance, this command-line utility does appear overwhelming and complicated. Once I dug into its functionality and discovered its wide range of use, the only overwhelming feeling I had was excitement. This command-line utility can extract information from many common log ‘file’ types. Log Parser also includes a variety of output options (NAT, DATAGRID and CHART are my favorite). The data that is outputted is determined through a SQL like syntax, which is very powerful and FAST. I was able to process inquiries across large (individual) log files, in a directory, in a matter of seconds (600K records in multiple files took under 5 seconds to process). This program handles such a range of log ‘file’ types that I find myself using it constantly throughout the day.

A couple basic examples of Log Parser’s use are:







Log Parser is also accessible via COM interface. Once I came across this information in the help file my excitement level raised to a new high. The power of this command-line utility can be easily ‘wrapped’ in a GUI interface.
I am a Delphi fanatic, as many know, and love to incorporate it into everything. After reading up on the Log Parser classes I quickly imported the Type Library and threw together a sample application. Unfortunately, this is long enough as it is and the sample Delphi code will have to wait for Part 2 of this posting…

In the meantime I highly recommend downloading Microsoft’s Log Parser and becoming familiar with it. Once you do I am sure you will use it often.

Labels: Apps, Information, Tech