Navigation:  Web Reports > Log File Monitoring >

Log Delimited

 Top  Previous  Next

The Log File Delimited page lets you view your delimited log files in an organized fashion. The log files for IIS provides a perfect example of a log file that is delimited with a comma. By splitting this values in to separate fields in the database we can use the Log File Delimited page to focus on specific area of IIS.

 

clip0397

 

The page will load initially with no File Type loaded. To begin start by selecting a file type from the drop down list.

 

clip0398

 

After making a selection you will notice that menu options will be dynamically reloaded according to the routing that you have set up in the EventSentry Management console. The names of the columns will also be reloaded in to the Group By and the Sort By options. At this point it is possible run an open search by not selecting any values.

 

Revision

Whenever a change is made to the File Definitions in the EventSentry Management console the web reports will notice that as a new revision. By changing the revision number you can view previous mappings and the data that was logged during that period.

 

 

Input option

Given the screenshot options above, items such as Date or Time will allow you to add string values to your search. By default anything that is added to this field will look for an exact match unless you specify a wildcard.

 

2007-05-25

Will match any value that match the exact date

2007-05-2*

Will return any date between 2007-05-20 and 2007-05-29

2007-0*-2*

Will return any day between 20-29 and any month between 01-09

 

Both * and % can be used as wildcards.

 

Select options list

For items set to be Lookup Text in the Management console you will have the option to select the values that have been logged to the database under that field. The default option is always set to ANY and is loaded empty.

 

clip0571

 

You will notice a warning message that appears when you make your file type selection. This is a reminder that the select boxes are empty and need to be click in order to be populated. This functionality is there because with many log files there is a lot of variations that are logged, with IIS the URI Query (parameters) for each page loaded can generate a large amount data which would render the page almost unusable. With this option you can only load the data that you are interested in which helps the page load much faster.

 

 

Results

 

clip0400

 

Starting with EventSentry v2.80 you have the option in the web reports to hide columns by clicking the X on the table header. This if very useful on a page like Log File Delimited because you can hide unneeded or redundant data from your reports. Here we can see who is accessing which file, their IP address and what Protocol Status IIS was returning.

 

 

Group By

A very useful option on this page is the ability to use Group By to give you a birds-eye view of the data being generated. On this page you have an option to group by every delimited field you are monitoring.

 

clip0401

 

Here we can see that a majority of users are accessing the pages using the GET method.