Logparser is a free command-line tool from Microsoft that is great for querying various kinds of log files using a SQL dialect. Every developer who has ever asked themselves a question like “I wonder if this error has ever happened before” and the proceeded to scroll through screens and screens of event log entries looking for possible matches, or has just received an error report from testing and wonders “has that page ever been hit before, and if so by whom” should acquaint themselves with logparser. For those not enamoured with the command-line interface there are “wrappers“ like Visual LogParser, and even ways of integrating with it programatically such as this ADO.NET data provider for LogParser on CodeProject. Me? - I like the command-line interface.
Logparser takes a simple concept - querying log files in various formats in a relational way - and realizes it fully. As a result there are a plethora of options for controlling it, over and above the power of the query dialect which includes features like group by, order by etc. My favourite option is the -o:NEUROVIEW switch which displays the output from the query in a manner similar to scenes from “The Matrix”, proving that the authors of LogParser were not only talented hackers, but had a sense of humour as well.
