Here is a quick example of pulling certain ip’s from the IIS Logs.
‘Specific log file
logparser “select top 10 count(*),c-ip from d:wwwlogsw3svc2u_ex010228.log where to_time(time) between timestamp(’01/01 13:50:00′, ‘MM/dd hh:mm:ss’) and timestamp(’01/01 14:55:00′, ‘MM/dd hh:mm:ss’) group by c-ip order by count(*) DESC”
‘specific website, all open logs.
logparser “select top 10 count(*),c-ip from <example.com> where to_time(time) between timestamp(’01/01 13:50:00′, ‘MM/ ddhh:mm:ss’) and timestamp(’01/01 14:55:00′, ‘MM/dd hh:mm:ss’) group by c-ip order by count(*) DESC”
1 Comment
RAVI said
i am not getting output sir,
logparser "select top 10 count(*),c-ip into 'c:temptest2.txt' from 'C:inetpublogsLogFilesW3SVC33096880u_ex120203.log' where to_time(time) between timestamp('2012-02-03 09:37:09', 'yyyy-MM-dd hh:mm:ss') and timestamp('2012-02-03 10:14:55', 'yyyy-MM-dd hh:mm:ss') group by c-ip order by count(*) DESC"