I wanted to send out something I found over the weekend which seems very useful. This tool is based on the Microsoft Log Parser. This tool would have been easy to overlook, because the initial release did not have a user interface. Most of us installed it and then said, "Great, another command-line tool with no instructions."
Why would I need this tool? This tool comes in handy for analyzing Exchange logs. It can also query and search for anything, across many log types. The strength of this tool is its potential to help front-line support find problems using queries created by escalation engineers. This tool would be a call generator repository. It would take engineer participation and leadership, but it could be used by entire IT departments as a unified tool. Below are the two ways to use Log Parser, and you can be the judge.
MS and Lizard Labs have both developed separate GUIs. The way you get this product to work is simple:
Once it is installed, you add a folder containing your logs to the tool. Set the query to the file type you have. Then look at your chosen query to make sure it contains any specific information it needs from you before you run it.
The tool is able to analyze the following log types:
There are a few things the MS log tool is missing. One thing it is not missing is a ton of pre-defined queries. That is nice. If you need more than just some pre-canned stuff, there is another project going on to build a better GUI on top of the awesome MS Log engine. There is a free and a paid version of this tool:
The free version is totally worth its weight. It has been tried. It has been weighed. It has not been found wanting. Lizard Labs Log Wizard is a very good adaptation of the Log analyzer tool.
If you want to go this route:
This tool starts to border on data mining. That is what is so cool about it! Being able to control data logs in this way can be helpful with the most complex cases.
Input log types for Lizard are pretty robust.
I hope this is helpful.