RE: Log Parser queries

Nemanja,

I covered IIS logs in this presentation (scripts and toolbox included):
http://www.davekleiman.com/Files/HTCIACyberCrimeSummit_For_CD.zip


Also check out LogParser Toolkit and Security Log Management both have
entire chapters dedicated to web servers.

http://www.syngress.com/catalog/?pid=3110

http://www.syngress.com/catalog/?pid=3440

Dave



-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of
nemanja.janic@xxxxxxxxxxxxxxxxxxxx
Sent: Friday, October 13, 2006 04:21
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: Log Parser queries

Hello list,
our company has recently deployed Share Point Portal as an
intranet solution, and we are currently working on opening
a part of it to the internet. I am trying to set up a
logging mechanism of IIS logs using MS Log Parser, and i
would apreciate some pointers in the sense of interesting
search strings, querys etc. I have been sifting the web
looking for things i should pay attention to when logging,
and have come up with some interesting things, but i need
more before. I don't want to log everything, just want to
set it up to log specific events but i am a bit blank as to
what it is i should be looking out for (i'm fairly new to
the whole thing of web log analysis)... any pointers would
be greatly apriciated, literature, web articles, anything.
Thank you.

Nemanja Janic

------------------------------------------------------------
---------------
------------------------------------------------------------
---------------



---------------------------------------------------------------------------
---------------------------------------------------------------------------