Preference for parsing log files?
RouteThisWay
Member Posts: 514
in Off-Topic
Just out of curiosity- what do you guys prefer to use to parse log files?
In my new role, I am doing much more indepth log file diving on ESX hosts- and am getting the feeling there is a better tool out there to view/parse log files.
What do you guys like to use to scour through unending lines of logs?
In my new role, I am doing much more indepth log file diving on ESX hosts- and am getting the feeling there is a better tool out there to view/parse log files.
What do you guys like to use to scour through unending lines of logs?
"Vision is not enough; it must be combined with venture." ~ Vaclav Havel
Comments
-
Claymoore
Member Posts: 1,637
SMS Trace because it would view them in real time (unlike notepad), but it would hang on large files. The 64bit client seems to have fixed this, but is a pain to get because it is only found on the ConfigMgr 2012 install disk. You could get it from the demo install if you want to put in the effort:
Deployment Research > Blog - Trace64 finally here to stay - But it is hidden
When the 32bit SMS Trace wasn't working for me anymore, I switched to the Kiwi Syslog viewer. It used to be free until SolarWinds bought Kiwi, but now has free and paid features:
Log Viewer for Windows | Product Overview | Kiwi Log Viewer -
NotHackingYou
Member Posts: 1,460 ■■■■■■■■□□
I wrote a quick app in C# to parse some log files for me once. It did a really nice job. I tried a couple different tools that were available and they didn't do exactly what I needed.When you go the extra mile, there's no traffic. -
DevilWAH
Member Posts: 2,997 ■■■■■■■■□□
vbscript and perl among other scripting languages. once you have a few routines written it can be very quick and simple to parse files how you want.- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
JDMurray
Admin Posts: 13,093 Admin
I've written Excel add-ins in VB6 and VB.NET to normalize syslog messages into worksheets. It's a real challenege given all of the different devices that spew out syslog messages, each using a different data layout. -
paul78
Member Posts: 3,016 ■■■■■■■■■■
In the past, I've used emacs for just adhoc manipulation of a log copy. I find it fast and useful. But if it's a repetitive requirement (more than once a week) - I would use awk or sed scripts or whatever text processing language du-jour that I happened to be interested in at the time.
-
DevilWAH
Member Posts: 2,997 ■■■■■■■■□□
Actuly Notepad ++ you can write macros for and has lots of search and filtering tools. it can also open very large text files so it often my first stop for new logs files that I want to look at and dont already have tools to hand.
- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
Everyone
Member Posts: 1,661
I use Log Parser Studio, which is a GUI for Log Parser 2.2, both are free tools for Microsoft.
Introducing: Log Parser Studio - Exchange Team Blog - Site Home - TechNet Blogs
Log Parser 2.2
Can't beat it for logs that are generated by most Microsoft products.
Haven't tried using it with non-Microsoft product generated logs though.
