LOG Parser – Wonderful yet under-appreciated tool to read logs of Windows, IIS


LOG Parser is one of the wonderful tools that helps you read the logs of Windows, IIS, etc. Log Parser is a command-line utility that reads text-based log files such as XML and CSV, and some key data sources of the Windows operating system such as the event log and the registry. As an administrator, you often face situations where you have to read various Windows and/or IIS log files, and generally we open the log file in Notepad, an XML viewer or some other third-party tool. With LOG Parser you instead get a familiar SQL-based syntax to read the log, and it returns data very fast.

You can download LOG Parser from here.

I am sure you have seen the Windows Event Viewer. It is a very good tool for getting information about various system errors, notifications, warnings, etc. We can access the same information with LOG Parser using a simple SQL-based query. There are a few different ways to view that information: I generally check it in the command prompt itself when a small amount of information is expected, and I go for DATAGRID when I am expecting a big result set.

If you have downloaded and installed LOG Parser, open it from Start->All Programs->Log Parser 2.2->Log Parser 2.2

You will get the Log Parser command prompt, where you have to execute the following command.

 logparser.exe -i:EVT "SELECT TOP 5 * FROM System WHERE EventID>10"

Details about the command we executed above:

“logparser.exe” is the command used to read any log information.

“-i:EVT”: “-i” (the input engine) tells Log Parser which kind of log to read. “EVT” means the Windows event log.

We have “TOP 5” in the SELECT query, which means we get only the first 5 events that match the condition specified in the WHERE clause.

For more information, look at screen capture given below:

Now, if you want to see the result in DATAGRID, add “-o:DATAGRID”, which is the output engine argument.

 logparser.exe -i:EVT -o:DATAGRID "SELECT * FROM System WHERE EventID>10" 

As soon as you execute the command in the command prompt, you will get a data grid something like this:

This is just an introduction to a versatile and powerful yet under-appreciated tool. I will have follow-up articles to show different usages of Log Parser.
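The same -i and -o arguments also support a triage-style summary instead of a raw `SELECT *`. The batch file below is an added example, not part of the original article: it counts the Error and Warning events in the System log over the last 24 hours, grouped by source and event ID, and writes the result to a CSV file. It assumes logparser.exe is on the PATH; the output file name system_triage.csv and the 24-hour window are illustrative choices.

```bat
@echo off
rem Added example (not from the original article).
rem Summarise Error/Warning events in the System log for the last 24 hours.
rem Assumptions: logparser.exe is on the PATH; system_triage.csv is an
rem illustrative output name written to the current directory.

rem The query is built in pieces so each clause stays readable.
set "Q=SELECT SourceName, EventID, EventTypeName,"
set "Q=%Q% COUNT(*) AS Hits, MAX(TimeGenerated) AS LastSeen"
set "Q=%Q% INTO system_triage.csv FROM System"

rem EVT input format: EventType 1 = Error, 2 = Warning.
set "Q=%Q% WHERE (EventType = 1 OR EventType = 2)"

rem Log Parser timestamps start at 0000-01-01, so '0000-01-02' is a
rem one-day interval. SYSTEM_TIMESTAMP() is UTC, TimeGenerated is local,
rem hence TO_LOCALTIME before subtracting.
set "Q=%Q% AND TimeGenerated >= SUB(TO_LOCALTIME(SYSTEM_TIMESTAMP()),"
set "Q=%Q% TIMESTAMP('0000-01-02', 'yyyy-MM-dd'))"

rem One row per (source, event ID, type), noisiest first.
set "Q=%Q% GROUP BY SourceName, EventID, EventTypeName"
set "Q=%Q% ORDER BY Hits DESC"

rem -i:EVT reads the event log; -o:CSV writes the file named in INTO.
logparser.exe -i:EVT -o:CSV "%Q%"
if errorlevel 1 (
    echo Log Parser reported an error; check the query and log access rights.
    exit /b 1
)
echo Summary written to system_triage.csv
```

Replacing `-o:CSV` with `-o:DATAGRID` and dropping the `INTO system_triage.csv` clause shows the same summary in the grid view described above.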


Reference: Ritesh Shah



Note: Microsoft Books online is a default reference of all articles.
