Commands and Queries

When using the command-line executable, Log Parser works on commands supplied by the user.
Each command has five distinct components:

For example, let's consider the following simple command:

C:\>LogParser -i:EVT -fullText:OFF -o:CSV -tabs:OFF "SELECT * INTO output.csv FROM SYSTEM"

The command above is structured as follows:


In some cases, it might not be necessary to specify the Input Format. In the example command above, the value of the FROM clause is "SYSTEM", which is the name of a standard Windows Event Log; this name is automatically recognized by Log Parser as a candidate for the EVT Input Format, so we can avoid specifying the Input Format name altogether:

C:\>LogParser -fullText:OFF -o:CSV -tabs:OFF "SELECT * INTO output.csv FROM SYSTEM"

Log Parser recognizes other FROM clause values as well: the IISW3C Input Format is selected automatically when the filename in the FROM clause starts with "ex" and has the ".log" extension, and the XML Input Format is selected automatically when the filename has the ".xml" extension.


The same applies to Output Formats: in the example command above, the filename in the INTO clause has the "csv" extension, thus selecting automatically the CSV Output Format; the same command can therefore be typed as:

C:\>LogParser -fullText:OFF -tabs:OFF "SELECT * INTO output.csv FROM SYSTEM"

When an Output Format is not specified and the SQL query does not contain an INTO clause, Log Parser automatically selects the NAT Output Format, which prints the results of the query to the console window.


These examples show that the minimal Log Parser command is made up of the SQL query alone. In most cases the Input and Output formats can be deduced automatically from the INTO and FROM clauses of the query; however, it is recommended practice to always specify the Input and Output formats explicitly using the -i and -o parameters.
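
One way to check saved Log Parser commands against the recommendation above. This is an added example, not part of the original documentation and not Log Parser's own detection logic. It models only the inference cases this page names (SYSTEM, ex*.log, .xml, .csv, and the NAT default); the function names and sample commands are constructed for illustration.

```python
import re

def infer_input(source):
    """Input Format implied by a FROM value, using only the cases the page names."""
    name = re.split(r"[\\/]", source.strip("'"))[-1].lower()
    if name == "system":                      # standard Windows Event Log name
        return "EVT"
    if name.startswith("ex") and name.endswith(".log"):
        return "IISW3C"
    if name.endswith(".xml"):
        return "XML"
    return None                               # this sketch cannot tell

def infer_output(target):
    """Output Format implied by an INTO value; a None target means no INTO clause."""
    if target is None:
        return "NAT"                          # results printed to the console
    if target.strip("'").lower().endswith(".csv"):
        return "CSV"
    return None

def audit(command):
    """Report, per side, the format in effect and whether it was explicit."""
    quoted = re.search(r'"([^"]*)"', command)
    if not quoted:
        raise ValueError("no double-quoted SQL query in command")
    query = quoted.group(1)
    outside = command[:quoted.start()] + command[quoted.end():]
    switches = {k.lower(): v for k, v in re.findall(r"(?<!\S)-(\w+):(\S+)", outside)}
    frm = re.search(r"\bFROM\s+(\S+)", query, re.I)
    into = re.search(r"\bINTO\s+(\S+)", query, re.I)
    guesses = {
        "i": ("input", infer_input(frm.group(1)) if frm else None),
        "o": ("output", infer_output(into.group(1) if into else None)),
    }
    report = {}
    for switch, (side, guess) in guesses.items():
        if switch in switches:
            report[side] = (switches[switch].upper(), "explicit")
        else:
            report[side] = (guess, "inferred" if guess else "unknown")
    return report

if __name__ == "__main__":
    # Constructed script lines; a reviewer would rewrite anything not "explicit".
    for line in (
        'LogParser -i:EVT -o:CSV "SELECT * INTO output.csv FROM SYSTEM"',
        'LogParser "SELECT * FROM ex040528.log"',
        'LogParser "SELECT * INTO report.txt FROM data.bin"',
    ):
        print(audit(line), "<-", line)
```

A result of "inferred" or "unknown" marks a command whose behavior depends on the names in its FROM or INTO clause, which is what the -i and -o parameters are meant to pin down.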


© 2004 Microsoft Corporation. All rights reserved.