Customer Reviews

Microsoft Log Parser Toolkit: A complete toolkit for Microsoft's undocumented log analysis tool

5 star:		(8)
4 star:		(1)
3 star:		(2)
2 star:		(0)
1 star:		(0)

 

 

This is a complete reference for utilizing the Microsoft'Log Parser Tool in real world scenarios.
The authors do an outstanding job of bringing you from the basics of Log Parser through advanced techniques and tricks. I have thoroughly enjoyed reading it end to end, and have begun utilizing Log Parser in my daily log assessment routines. The Tips, Swiss Army Knifes, and Master Craftsman sidebars prove extremely creative and helpful.

Log Parser is a Swiss-army knife tool that provides users with a powerful set of basic features that analyze, slice, and report on a large variety of information.
The idea of writing this book stemmed from the realization that most of the Log Parser users find it difficult to harness the power of the tool and discover how to customize and use its basic features to complete the task at hand.
"The Microsoft Log Parser Toolkit" has been written by users that have been employing the tool for years to manage their IT systems, and shows the scripts, queries, and tricks that they use on their jobs.
The first chapter gives you a thorough understanding of the Log Parser SQL-like language (how do I filter Event Log entries? How do I search for specific Web requests in time? How do I calculate statistics?), introduces you to the many input and output formats supported by version 2.2 (including the newest ADS, TSV, and NETMON input formats and the CHART and SYSLOG output formats), and delves into those little-known additional features that enhance this tool's productivity (including incremental parsing and output multiplexing).
The next 10 chapters provide solutions and working examples for all the problems that can be quickly solved with Log Parser.
With these chapters you will learn how to script the tool features, how to write input format plug-ins to provide your own data to Log Parser, and how to best employ its input and output formats to create charts, reports, and web applications.
You will see techniques used by the authors to perform security auditing and intrusion detection, to analyze server performance, and to manage and monitor IIS servers.
Regardless of whether you are new to Log Parser, or if you are an experienced user, this book will give you new ideas and discover a few new tricks that you never thought of before!

I bought this book thinking it would be a good reference point for using Log Parser 2.2, and am exceedingly impressed with the volume of real-world, practical examples.

Within minutes I had several scripts in production and was on my way to writing much more complex queries to squeeze every drop of valuable data from my logs. I'm querying IIS logs, Event Logs, CSV files and more with ease.

I've got this book at my side any time I go to write a new script. I would definitely recommend it to others.

Log Parser by it self is a wonderful tool, this book lets you get up and running with it in no time.
Additionally it gives a great insight on logs. This book is essential for any admin that wants to keep with "the going on" on his network without running agents everywhere. Log Parser toolkit lets you make logs readable (what a novel concept) without the need for heavy programming, all the scripts are included and really easy to customize. If you keep any type of log this will make your life easier and can save you major head hakes. My only recommendation is when you get one for your self, don't forget to get one for your IIS admin and your security guy, or be ready to share it. Enjoy it...

This tool is amazing in that it supports a variety input and output formats including reading in syslog and outputting into databases are pretty Excel charts. The filtering uses an SQL syntax. The tool comes with a DLL that can be registered, so that scripters (VBScript, Perl, JScript, etc.) can access the power of this tool.

This book not only covers the tool (alternative being to scrape the network for complex incomprehensible snippets), but shows real world practical solutions with the tool, from analyzing web logs, system events, security and network scans, etc.

This tool is just heavensend for analysis and transforming of any data in a variety of formats. The book and tool go hand-in-hand, and I highly recommend incorporating this into your tool (and book) into your tool kit and/or scripting endeavors immediately.

My only regret with this book is that I didn't read it much earlier in my career. Log Parser is a must have tool for every forensics professional and incident responder. Imagine having the ability to take almost any chunk of data and quickly search it using SQL-based grammar. Given the sheer amount of data the average security professional must analyze, Log Parser is perhaps even more relevant today than it was ten years ago. Gabriele Giuseppini is the creator of Log Parser and he and his co-authors do a superb job of teaching the tool and demonstrating its often overwhelming feature set. What could be a very dry manual turns out to be very engaging through copious use of real-world examples that can be used immediately to jump start your investigations. A model for how technical books should be approached.

Log Parser can be a Windows sys admin's dream come true. In one tool, it can input from a large variety of sources (file system, registry, log files, IIS log flavors, command line tools, etc.), has an extensible architecture, provides a SQL-like syntax to query, and provides a variety of output formats, including graphs, text, syslog, XML, HTML, email, and such.

The book is written by the author of the tool. The tool's interface appears simple. The power of it is revealed in the variety of uses to which it can be put -- those uses involve the sophisticated command variations possible. The book reveals precisely this.

If you're overwhelmed by system information and how to monitor that without a bunch of 3rd party tools, take a look at Log Parser. It may be just what you need.

Syngress was acquired by Elsevier Publishing. The source files are now available at [...]

Being able to easily correlate information from multiple event logs is a big help.

Many of the examples are aimed at maintaining and improving security. I found the techniques described helpful for chasing linked defects in a multiple-machine server farm.

Unfortunately, the examples from the book are no longer available on the publisher's web site.

This is a must have for any systems engineer who needs to take a proactive approach in system monitoring. Used in conjunction with ASP and a backend database, real time monitoring apps are a snap to build.

This book is factual, accurate, and authoritative. But I don't like technical books that read like technical books. "Huh?" you say.

If I were to write this book, I would make it easier to understand with ample examples. It's better than Log Paser's Help, but not by a whole lot. I believe that technical books should be reasonably easy to understand - even by the non-technical.

My 3 star rating is just my opinion/experience. Others may find this book to be just the ticket.