Roy Osherove

View Original

[Tool] Easier log parsing with Log Parser

Speaking of parsing log files, There's a little known tool called LogParser, and it's from the Microsoft IIS team. This very powerful parser can easily parse various kinds of log files and you can actually query against the data in a log file in an SQL-like syntax, or output the log into one of several formats, one of which is XML.

You can read more about this little known tool over at www.logparser.com (maintained by Mike Gunderloy). I recommend you take a long hard look and add it to your developer tool belt.

If you look at my log parsing article this tool covers all the functionality needed in that article out of the box. However, one thing this version does not do is parse log records that span multiple lines. For example:

RecordStart

Start: 10.22.53

User: Name

Action: something

RecordEnd

This kind of record in a log file cannot be parsed by LogParser, but using my technique you can parse this with relatively little effort. However, I'm told by Mike that the next version of LogParser will feature multiple line parsing, but you'd have to write your own plugin into the parser to achieve that (and it's plugin architecture will be based on COM, how's that for progress?)

Still, this is something I wish I'd looked into earlier (I've known about the tool but never actually checked it out)