||The article you are reading has moved! It is now available at: http://blog.tinisles.com/2005/12/logparser/|
This handy utility lets you query logs just like SQL:
Running this from the command line tells me which pages are getting 500 errors:
LogParser.exe "SELECT cs-uri-stem, count(*) FROM ex*.log where sc-status=500 group by cs-uri-stem"
Where ‘ex*.log’ are all my IIS log files…
Forensic Log Parsing with Microsoft's LogParser - covers some useful samples for identifying suspicious activity in your IIS logs.