I recently needed to select all IIS log entries between a specific timeframe. Log parser to the rescue! Here are a couple of examples I used.
‘Change the location of files right after the timeframe.’Change the location of files right after the timeframe. Displays in the command window
logparser “select date,time,cs-uri-stem,cs-uri-query,sc-status,time-taken from c:iislogsw3svc1ex080109.log where to_time(time) between timestamp(’01/01 16:35:00′, ‘MM/dd hh:mm:ss’) and timestamp(’01/01 16:40:00′, ‘MM/dd hh:mm:ss’)” -rtp:-1
‘Change the location of files right after the timeframe with a particular status code of 500 and pipe to an external file
logparser “select date,time,cs-uri-stem,cs-uri-query,sc-status,time-taken from c:iislogsw3svc1ex080109.log where to_time(time) between timestamp(’01/01 16:35:00′, ‘MM/dd hh:mm:ss’) and timestamp(’01/01 16:40:00′, ‘MM/dd hh:mm:ss’) and sc-status = 500” -rtp:-1 > filename.txt
Hope this is as useful to you as it was to me!
Cheers,
Steve