Logparser Scenario 8:Checking the traffic/requests between a specific client and server

This blog entry is a continuation of the KB Article https://support.microsoft.com/?id=910447.

Scenario 8: Checking the traffic/requests between a specific client and server

Why would you do it in the first place?
You may want to troubleshoot an authenticate issue for that specific client for the error that s/he reported to you. May be that's why!

Answer:

Logparser "select date, time, c-ip, cs-username, s-sitename, s-computername, s-ip, s-port, cs-method, cs-uri-stem, cs-uri-query, sc-status, sc-substatus,sc-win32-status, sc-bytes, cs-bytes, time-taken,cs-version, cs-host, cs(User-Agent), cs(Cookie), cs(Referer), s-event, s-process-type, s-user-time, s-kernel-time, s-page-faults, s-total-procs, s-active-procs, s-stopped-procs from <FILENAME> where c-ip='Client-IP'" -i:IISW3C -rtp:-1

And the output will be something like...

Hope that helps,
Rahul

Quote of the day:
It may be true that the law cannot make a man love me, but it can stop him from lynching me, and I think that's pretty important. - Martin Luther King Jr.