I've been trawling through a lot of logs. IIS logs. A lot.
logparser is a tremendous tool for trawling through lines by way of T-SQL syntax.
I have a number of requests coming out at hours, instead of seconds! What I wanted to be able to see is if there was a particular time when this nonsense started. This is a little difficult to achieve because IIS only tells you when the transaction is finished.
Using logparser, you can figure it out using a query like so (assuming your logfile is in W3C format).
logparser -i:W3C "SELECT LogFilename, time-taken, TO_LOCALTIME(TO_TIMESTAMP(SUB(TO_INT(TO_TIMESTAMP(date, time)), DIV(time-taken,1000)))) As LOCAL-REQUEST-START-TIME, TO_LOCALTIME(TO_TIMESTAMP(date, time)) As LOCAL-REQUEST-FINISH-TIME, cs-username, sc-status, sc-substatus, sc-win32-status, cs-uri-stem AS URL from *.log ORDER BY LOCAL-REQUEST-START-TIME ASC" -o:csv
Hope this helps someone.
0 comments:
Post a Comment