Written by Microsoft's Log Parser developer, this is the first book available on Microsoft's popular yet undocumented log parser tool. The book and accompanying Web site contain hundreds of customized, working scripts and templates that system administrators will find invaluable for analyzing the log files from Windows Server, Snort IDS, ISA Server, IIS Server, Exchange Server, and other products.
System administrators running Windows, Unix, and Linux networks manage anywhere from 1 to thousands of operating systems (Windows, Unix, etc.), applications (Exchange, Snort, IIS, etc.), and hardware devices (firewalls, routers, etc.) that generate incredibly long and detailed log files of all activity on the particular application or device. This book will teach administrators how to use Microsoft's Log Parser to data mine all of the information available within these countless logs. The book teaches readers how all queries within Log Parser work (for example, a Log Parser query to an Exchange log may provide information on the origin of spam, viruses, etc.). Also, Log Parser is completely scriptable and customizable, so the book and accompanying Web site will provide the reader with hundreds of original, working scripts that will automate these tasks and provide formatted charts and reports detailing the results of the queries.
Written by Microsoft's sole developer of Log Parser, this is the first book available on the powerful yet completely undocumented product that ships with Microsoft's IIS, Windows Advanced Server 2003, and is available as a free download from the Microsoft Web site.
The book and accompanying Web site contain dozens of original, working Log Parser scripts and templates for Windows Server, ISA Server, Snort IDS, Exchange Server, IIS, and more!
This book and accompanying scripts will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.
Mark Burnett is a recognized security consultant, author, and researcher who specializes in hardening Microsoft Windows-based servers and networks. He has spent nearly a decade developing unique strategies and techniques for locking down Windows servers and maintaining his specialized expertise of Windows security. Mark is coauthor and technical editor of Microsoft Log Parser Toolkit (Syngress Publishing, ISBN: 1-93226-652-6), author of Hacking the Code: ASP.NET Web Application Security (Syngress Publishing, ISBN: 1-932266-65-8), coauthor of Maximum Windows 2000 Security (SAMS Publishing, ISBN: 0-672319-65-9), and coauthor of Stealing the Network: How to Own the Box (Syngress Publishing, ISBN: 1-931836-87-6). He also contributed to Dr. Tom Shinder's ISA Server and Beyond: Real World Security Solutions for Microsoft Enterprise Networks (Syngress Publishing, ISBN: 1-931836-66-3) and was a contributor and technical editor for Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle (Syngress Publishing, ISBN: 1-931836-69-8). Mark speaks at security conferences and has published dozens of security articles that have appeared in publications such as Windows IT Pro Magazine (formerly Windows & .NET Magazine), Redmond Magazine, Windows Web Solutions, Security Administrator, SecurityFocus.com, TheRegister.co.uk, and WindowsSecrets.com, among others. Microsoft has twice recognized Mark's contribution to the Windows community with the Windows Server Most Valued Professional (MVP) award.