Microsoft Log Parser Toolkit: A complete toolkit for Microsoft's undocumented log analysis tool [ILLUSTRATED] (Paperback)

~ Gabriele Giuseppini (Author), Mark Burnett (Author), Jeremy Faircloth (Author), Dave Kleiman (Author) "Log files-records of events that have occurred in a system-often contain information deemed crucial to a business..." (more)
Key Phrases: log parser, separated log files, log file rotation, Service Control Manager, Active Directory, End Sub (more...)

Editorial Reviews

Product Description

HIGHLIGHT
Written by Microsoft's Log Parser developer, this is the first book available on Microsoft's popular yet undocumented log parser tool. The book and accompanying Web site contain hundreds of customized, working scripts and templates that system administrators will find invaluable for analyzing the log files from Windows Server, Snort IDS, ISA Server, IIS Server, Exchange Server, and other products.

System administrators running Windows, Unix, and Linux networks manage anywhere from 1 to thousands of operating systems (Windows, Unix, etc.), Applications (Exchange, Snort, IIS, etc.), and hardware devices (firewalls, routers, etc.) that generate incredibly long and detailed log files of all activity on the particular application or device. This book will teach administrators how to use Microsoft's Log Parser to data mine all of the information available within these countless logs. The book teaches readers how all queries within Log Parser work (for example: a Log Parser query to an Exchange log may provide information on the origin of spam, viruses, etc.). Also, Log Parser is completely scriptable and customizable so the book and accompanying Web site will provide the reader with hundreds of original, working scripts that will automate these tasks and provide formatted charts and reports detailing the results of the queries.

* Written by Microsoft's sole developer of Log Parser, this is the first book available on the powerful yet completely undocumented product that ships with Microsoft's IIS, Windows Advanced Server 2003, and is available as a free download from the
Microsoft Web site.

* The book and accompanying Web site contain dozens of original, working Log Parser scripts and templates for Windows Server, ISA Server, Snort IDS, Exchange Server, IIS, and more!

* This book and accompanying scripts will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.

From the Author

"From the Author" Forum where the authors post timely updates and links to related sites

Downloadable chapters from these best selling books:

Google Hacking for Penetration Testers

Dr. Tom Shinder's Configuring ISA Server 2004

Snort 2.1 Intrusion Detection, Second Edition

Nessus Network Auditing

See all Editorial Reviews

Product Details

• Paperback: 350 pages
• Publisher: Syngress; 1 edition (February 24, 2005)
• Language: English
• ISBN-10: 1932266526
• ISBN-13: 978-1932266528
• Product Dimensions: 9 x 7 x 1.1 inches
• Shipping Weight: 1.6 pounds (View shipping rates and policies)
• Average Customer Review: 4.4 out of 5 stars  See all reviews (9 customer reviews)
• Amazon.com Sales Rank: #427,949 in Books (See Bestsellers in Books)

  Popular in these categories: (What's this?)

  #45 in	Books > Computers & Internet > Security & Encryption > Windows Security
  #46 in	Books > Computers & Internet > Software > Business > Utilities

Customer Reviews

Most Helpful Customer Reviews

5 of 5 people found the following review helpful:

5.0 out of 5 stars A must have for the Network Administrator / Security Pro, February 23, 2005

By	Dave Kleiman "DaveKleiman.com" (Florida USA) - See all my reviews (REAL NAME)

This is a complete reference for utilizing the MicrosoftLog Parser Tool in real world scenarios.
The authors do an outstanding job of bringing you from the basics of Log Parser through advanced techniques and tricks. I have thoroughly enjoyed reading it end to end, and have begun utilizing Log Parser in my daily log assessment routines. The Tips, Swiss Army Knifes, and Master Craftsman sidebars prove extremely creative and helpful.

7 of 8 people found the following review helpful:

5.0 out of 5 stars Learn how to harness the power of Log Parser!, February 18, 2005

By	Gabriele Giuseppini (Amsterdam, the Netherlands) - See all my reviews (REAL NAME)

Log Parser is a Swiss-army knife tool that provides users with a powerful set of basic features that analyze, slice, and report on a large variety of information.
The idea of writing this book stemmed from the realization that most of the Log Parser users find it difficult to harness the power of the tool and discover how to customize and use its basic features to complete the task at hand.
"The Microsoft Log Parser Toolkit" has been written by users that have been employing the tool for years to manage their IT systems, and shows the scripts, queries, and tricks that they use on their jobs.
The first chapter gives you a thorough understanding of the Log Parser SQL-like language (how do I filter Event Log entries? How do I search for specific Web requests in time? How do I calculate statistics?), introduces you to the many input and output formats supported by version 2.2 (including the newest ADS, TSV, and NETMON input formats and the CHART and SYSLOG output formats), and delves into those little-known additional features that enhance this tool's productivity (including incremental parsing and output multiplexing).
The next 10 chapters provide solutions and working examples for all the problems that can be quickly solved with Log Parser.
With these chapters you will learn how to script the tool features, how to write input format plug-ins to provide your own data to Log Parser, and how to best employ its input and output formats to create charts, reports, and web applications.
You will see techniques used by the authors to perform security auditing and intrusion detection, to analyze server performance, and to manage and monitor IIS servers.
Regardless of whether you are new to Log Parser, or if you are an experienced user, this book will give you new ideas and discover a few new tricks that you never thought of before!

4 of 4 people found the following review helpful:

5.0 out of 5 stars Excellent Real World Examples, March 2, 2006

By	Mike Lawton (Roanoke, VA) - See all my reviews (REAL NAME)

I bought this book thinking it would be a good reference point for using Log Parser 2.2, and am exceedingly impressed with the volume of real-world, practical examples.

Within minutes I had several scripts in production and was on my way to writing much more complex queries to squeeze every drop of valuable data from my logs. I'm querying IIS logs, Event Logs, CSV files and more with ease.

I've got this book at my side any time I go to write a new script. I would definitely recommend it to others.