Re: ISA Logs Problem

• From: "Nabil, Ahmed" <anmahmou@xxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 15 Apr 2004 18:56:34 +0200

Does Microsoft Log parser works with IIS 5 and Windows2000

-----Original Message-----
From: cismic [mailto:cismic@xxxxxxx]
Sent: Thursday, April 15, 2004 6:06 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA Logs Problem


http://www.ISAserver.org

Hi Ahmed,

There are a number of packages out there.  I've actually written my own.
Although I do my queries when I get the data
into my database.  Microsoft has the log parser which you can use to query
the data. Also, out on
http://isatools.org you can find a couple of other parsers. I think that
there even is a pearl script.

Thank you,

Joseph

----- Original Message ----- 
From: "Nabil, Ahmed" <anmahmou@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, April 15, 2004 4:04 AM
Subject: [isalist] Re: ISA Logs Problem


http://www.ISAserver.org

Thanks for the Info. How can I change then my logs to reflect my time, the
whole logs (Firewall, proxy.....etc)

Also do you know any Software to read my logs instead of the ISA format,  a
software to filter and search for items.

Thanks,

Ahmed

-----Original Message-----
From: cismic [mailto:cismic@xxxxxxx]
Sent: Thursday, April 15, 2004 11:09 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA Logs Problem


http://www.ISAserver.org

Hi Nabil,
Logs are kept in what was used to be called greenwich time. or the 24 hour
clock etc.
Pacific time is -8 from the green wich time. Take a look at this

UTC OR GMT
I think that a good site for those who would like to know is
http://greenwichmeantime.com  from this site you'll be able to determine
what your Zulu time settings should be. For example :  convlog -ie
Logfile.log -t ncsa:-0800 is for the pacific time zone. The convlog also
has the following syntax available:

Usage: convlog [options] LogFile
Options:
-i<i|n|e> = input logfile type
    i - MS Internet Standard Log File
    n - NCSA Common Log File format
    e - W3C Extended Log File Format
    -t <ncsa[:GMTOffset] | none> default i
    -o <output directory> default = curren
    -x save non-www entries to a .dmp logf
    -d = convert IP addresses to DNS
    -l<0|1|2> = Date locale format for MS
                    0 - MM/DD/YY (default e.g. US)
                    1 - YY/MM/DD (e.g. Japan)
                    2 - DD.MM.YY (e.g. Germany)

Examples:
convlog -ii in*.log -d -t ncsa:+0800
convlog -in ncsa*.log -d
convlog -ii jra*.log -t none


----- Original Message ----- 
From: "Nabil, Ahmed" <anmahmou@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, April 15, 2004 12:18 AM
Subject: [isalist] ISA Logs Problem


http://www.ISAserver.org

Good morning All,

I am having two problems with my ISA Logs and I need your advice.

1. There is a time shift with almost 7 hours in the logs, its not showing
the correct exact time of each web request. How can I fix this issue ?

2. Its very hard to check these logs in this format, is there any well known
program to import this Logs to read it in an organized way ?

Thanks for your help,

Ahmed

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
anmahmou@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
anmahmou@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem
• » Re: ISA Logs Problem

1. Home
2. isalist
3. Archive
4. 04-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---