Log Parser Plus example query

SMTP usage with basic logs

Returns information from an IIS SMTP instance (Windows Server 2012) when all you have is basic logs.
Keywords:
  • smtp
Statement: 
logparser -rtp:-1 "SELECT c-ip, REVERSEDNS(c-ip) AS [ClientHostName], cs-method, COUNT(*) AS [Requests] INTO SmtpClients.txt FROM *ex2104*.log WHERE cs-method IN ('RCPT') GROUP BY c-ip, [ClientHostName], cs-method ORDER BY [Requests] DESC"
Notes: If you only have the very basic logs for an SMTP instance in Windows Server 2012, this may help determine usage. Leave a comment on this query.

View more examples.


blog comments powered by Disqus