Microsoft Log Parser Toolkit: A Complete Toolkit for Microsoft's Undocumented Log Analysis Tool

Publication subtitle: A Complete Toolkit for Microsoft's Undocumented Log Analysis Tool

Author: Giuseppini Gabriele; Burnett Mark

Publisher: Elsevier Science

Publication year: 2005

E-ISBN: 9780080489391

P-ISBN(Paperback): 9781932266528

P-ISBN(Hardback): 9781932266528

Subject: TP301.6 algorithm theory; TP309 security and confidentiality; TP31 computer software; TP316 operating systems

Language: ENG


Description

Written by Microsoft's Log Parser developer, this is the first book available on Microsoft's popular yet undocumented log parser tool. The book and accompanying Web site contain hundreds of customized, working scripts and templates that system administrators will find invaluable for analyzing the log files from Windows Server, Snort IDS, ISA Server, IIS Server, Exchange Server, and other products.

System administrators running Windows, Unix, and Linux networks manage anywhere from one to thousands of operating systems (Windows, Unix, etc.), applications (Exchange, Snort, IIS, etc.), and hardware devices (firewalls, routers, etc.) that generate incredibly long and detailed log files of all activity on the particular application or device. This book will teach administrators how to use Microsoft's Log Parser to data mine all of the information available within these countless logs. The book teaches readers how all queries within Log Parser work (for example, a Log Parser query to an Exchange log may provide information on the origin of spam, viruses, etc.). Also, Log Parser is completely scriptable and customizable, so the book will provide the reader with hundreds of original, working scripts that will automate these tasks and provide formatted charts and reports detailing the results of the queries.

  • Written by Microsoft's sole developer of Log Parser, this is the first book available on the powerful yet completely undocumented product that ships with Microso

Chapter

Foreword

Chapter 1 Introducing Log Parser

Chapter 2 Monitoring IIS

Chapter 3 Exploring the Windows Event Log

Chapter 4 Examining Network Traffic and Performance Logs with Log Parser

Chapter 5 Managing Snort Alerts

Chapter 6 Managing Log Files

Chapter 7 Investigating Intrusions

Chapter 8 Security Auditing

Chapter 9 Enhancing Log Parser

Chapter 10 Formatting, Reporting, and Charting

Chapter 11 Handling Complex Data

Appendix A SQL Grammar Reference

Appendix B Function Reference

Appendix C Input Format Reference

Output Format Reference

Index

Related Titles
