Parsing Log files using windows PowerShell
An administrator can sometimes get in to a tricky spot, when someone asks questions about parsing log
files :) In this blog , we shall see how to parse IIS logs using PowerShell cmdlets.
Recently, my colleague Ajay was troubleshooting EWS issue and had multiple huge IIS logs from different servers.
We had tried to open the logs using a lot of large file viewer tools but no luck in opening them :(
Then we thought, Why not use the power of select-string to find out all the /EWS requests? So, here it is :
In Powershell cmd prompt, please navigate to the location where you have saved the IIS logs, and
run the below command :
Get-Content ".\*log" | ? { ($_ | Select-String "/ews")}
The above command would give us all the EWS requests.
To filter this to a particular user name, use the below command:
Get-Content ".\*log" | ? { ($_ | Select-String "/ews") -and ($_ | Select-String "Useralias")}
Some more options that will be more commonly required :
For Outlook Web Access : Replace EWS with OWA
For EAS : Replace EWS with Microsoft-server-activesync
For ECP : Replace EWS with ECP
To find out the count of the EWS request we can go ahead and run the below command
(Get-Content ".\*log" | ? { ($_ | Select-String "/ews") -and ($_ | Select-String "Useralias")}).count
-Written By Naveen Vasudevan Technical Lead
Comments
- Anonymous
November 05, 2013
The comment has been removed