Git Product home page Git Product logo

iisparser's Introduction

IISParser - PowerShell Module

IISParser is a PowerShell module to read IIS logs. It's very fast and easy to use. This module is based on IISLogParser library that does all the heavy lifting. You can read quick introduction to IISParser on Reading IIS Logs with PowerShell blog post.

To install

Install-Module -Name IISParser -AllowClobber -Force

Force and AllowClobber aren't necessary, but they do skip errors in case some appear.

And to update

Update-Module -Name IISParser

That's it. Whenever there's a new version, you run the command, and you can enjoy it. Remember that you may need to close, reopen PowerShell session if you have already used module before updating it.

The essential thing is if something works for you on production, keep using it till you test the new version on a test computer. I do changes that may not be big, but big enough that auto-update may break your code. For example, a small rename to a parameter, and your code stops working! Be responsible!

Usage

Using IISParser module is very simple. Just import the module, and read the file as required.

Import-Module IISParser

Get-IISParsedLog -FilePath "C:\Support\GitHub\IISParser\Ignore\u_ex220507.log" | Select-Object -First 5 | Format-Table
Get-IISParsedLog -FilePath "C:\Support\GitHub\IISParser\Ignore\u_ex220507.log" | Select-Object -Last 5 | Format-Table
Get-IISParsedLog -FilePath "C:\Support\GitHub\IISParser\Ignore\u_ex220507.log" -First 5 -Last 5 -Skip 1 | Format-Table

Output of the above command will look like this:

DateTimeEvent       sSitename sComputername sIp           csMethod     csUriStem                                                                       csUriQuery                                                            sPort csUsername          cIp
-------------       --------- ------------- ---           --------     ---------                                                                       ----------                                                            ----- ----------          ---
07.05.2022 00:00:20                         127.0.0.1    GET          /api/v1.0/users/[email protected]/Messages $top=1&request_id=26cca5c9-37b6-4d0b-8ae1-31e5cb7ccc72                  444                     127.0.0.1
07.05.2022 00:00:22                         172.16.1.223 RPC_IN_DATA  /rpc/rpcproxy.dll                                                               Exch1.EVOTEC.XYZ:6001&RequestId=9e1ca7e6-278e-4b98-a9c0-be947b39a582    81                      172.16.1.223
07.05.2022 00:00:22                         172.16.1.223 RPC_OUT_DATA /rpc/rpcproxy.dll                                                               Exch1.EVOTEC.XYZ:6001&RequestId=3acb4929-df94-48c0-bbad-f5f2a39f0ac3    81                      172.16.1.223
07.05.2022 00:00:26                         172.16.1.223 POST         /mapi/emsmdb/                                                                   [email protected]            444 Anonymous           172.16.1.223
07.05.2022 00:00:27                         172.16.1.223 POST         /autodiscover/autodiscover.xml                                                  &reqId=e4639aef-215b-420f-8100-1e2f8eca8bcb                             444 EVOTEC\masul        172.16.1.223

Of course there are a bit more properties available:

Get-IISParsedLog -FilePath "C:\Support\GitHub\IISParser\Ignore\u_ex220507.log" -First 1 -Skip 1 | Format-List

Output of the above command will look like this:

DateTimeEvent : 07.05.2022 00:00:22
sSitename     :
sComputername :
sIp           : 172.16.1.223
csMethod      : RPC_IN_DATA
csUriStem     : /rpc/rpcproxy.dll
csUriQuery    : Exch1.EVOTEC.XYZ:6001&RequestId=9e1ca7e6-278e-4b98-a9c0-be947b39a582
sPort         : 81
csUsername    :
cIp           : 172.16.1.223
csVersion     :
csUserAgent   : MSRPC
csCookie      :
csReferer     :
csHost        :
scStatus      : 401
scSubstatus   : 1
scWin32Status : 2148074254
scBytes       :
csBytes       :
timeTaken     : 64

iisparser's People

Contributors

przemyslawklys avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

psdevuk techris45 oezdur czajson02

iisparser's Issues

Feature Request

The ability to filter the IIS Properties and also output the log to a csv file would pretty much make this perfect.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.