Log parser 2.2

Log parser 2.2 is a powerful universal tool for text-based data (such as log files, XML files, and CSV files) and important data sources on Windows operating systems (such as Event Logs, registries, file systems, and Active Directory) for general queries. Log parser can complete tasks well by telling log parser the information you need and how you want to process the information. Query results can be output in a text-based custom format, or saved for more specific targets (such as SQL, syslog, or charts. Most software is designed to complete a limited number of specific tasks. Log parser is different. It can be implemented as long as the user needs and can think of it. As long as you use Log parser, the world is your database.

Input Format

Cannot find the required input format? With the new COM input format, you can create your own custom input format and integrate it into the log parser engine.

XML-read XML files (Microsoft®XML Parser (MSXML ))

TSV-read text files that use tabs to separate values with spaces

Ads-read information from an Active Directory object

Reg-read information from the Windows Registry

NetMon-used to analyze the file captured by NetMon. Cap

ETW-event tracking for reading Windows Log Files and real-time sessions

SQL engine improvement

Exponential Performance Improvement of select distinct and group by queries

The "case" (simple form) Statement in the select clause, for example, "select case myfield when 'value1 'then' 0'when'value2'then'1' else'-1' end"

The "between" operator in the where and having clauses

With rollup in the group by clause

"Distinct" in the aggregate function (when the group by clause is not specified)

"Propsum (...) [On <field>] "and" propcount (...) [On <field>] "aggregate function (these two functions calculate the ratio between the sum or count function of a field and the sum or count function of the same field in a higher-level group)

The "using" clause used to declare a temporary field expression

Fields and aliases are not case sensitive.

Date and Time Format

L (millisecond, "l" in lower case)

N (nanoseconds)

TT (morning/afternoon)

? (Any character)

Overall improvement

The. SQL file can now use parameters, such as "logparser-file: myquery. SQL? Param1 = value1 + param2 = value2 "supports permanent coverage of Global Options, input format options, and default output format options, such as" logparser-E: 10-O: Nat-RTP: -1-savedefaults "improves the input I/O performance of text files

Output Format

Chart-create a chart image file (Microsoft Office 2000 or later is required)

TSV-write a text file that separates values with tabs and values with spaces

Syslog-send information to a syslog server or a text file in Syslog Format

Add function

MoD

Bit_and, bit_or, bit_not, bit_xor, bit_shl, bit_shr

Exp10, log10

Round and floor

Qntround_to_digit, qntfloor_to_digit

Strrepeat

In_row_number, out_row_number

Rot13

Extract_filename, extract_extension, extract_path

Hex_to_asc, hex_to_print, hex_to_int

Hex_to_hex8, hex_to_hex16, hex_to_hex32

Listen 4_to_int, int_to_ipv4

Hashseq, hashmd5_file

Extract_prefix, extract_suffix

Strcnt

Improvement on existing input and output formats

New parameters in most input and output formats

The NCSA input format can now be used to analyze combined and extended NCSA log files

The "eventcategoryname" and "data" fields are added to the EVT input format.

The-recurse option in most input formats now specifies the maximum subdirectory recursion level

CSV input and output formats currently support CSV files consisting of strings enclosed by double quotation marks

"Fileversion", "productversion", and "companyName" fields are added to the FS input format.

All IIS input formats support the use of "*" and "?" When specifying the site name Wildcard, for example, "select * from <mysite *. com>"

You can use a URL as the input path for all text-based input formats, such as "select * From http://www.adatum.com/table.csv"

The TPL output format Section supports the environment variable name and adds a system_timestamp variable.

The EVT input format improves the performance when reading local and remote event logs.

The COM interface that can write scripts now uses the command line attribute name for all input and output formats

Http://technet.microsoft.com/zh-cn/scriptcenter/dd919274.aspx

 

 

Http://www.microsoft.com/en-us/download/details.aspx? Id = 24659

Log parser 2.2