Post Undeleted by Jeff Atwood
Post Deleted by GregD
edited for formatting; added 4 characters in body
GregD

These were all found here (which is an excellent guide for parsing your IIS logfiles, btw):

20 newest files on your website

logparser -i:FS "SELECT TOP 20 Path, CreationTime from c:\inetpub\wwwroot\*.* ORDER BY CreationTime DESC" -rtp:-1

Path                                                        CreationTime
----------------------------------------------------------- ------------------
c:\inetpub\wwwroot\Default.asp                              6/22/2003 6:00:01
c:\inetpub\wwwroot\About.asp                                6/22/2003 6:00:00
c:\inetpub\wwwroot\global.asa                               6/22/2003 6:00:00
c:\inetpub\wwwroot\Products.asp                             6/22/2003 6:00:00

20 most recently modified files

logparser -i:FS "SELECT TOP 20 Path, LastWriteTime from c:\inetpub\wwwroot\*.* ORDER BY LastWriteTime DESC" -rtp:-1

Path                                                        LastWriteTime
----------------------------------------------------------- ------------------
c:\inetpub\wwwroot\Default.asp                              6/22/2003 14:00:01
c:\inetpub\wwwroot\About.asp                                6/22/2003 14:00:00
c:\inetpub\wwwroot\global.asa                               6/22/2003 6:00:00
c:\inetpub\wwwroot\Products.asp                             6/22/2003 6:00:00

Files that have resulted in 200 status codes (in case trojans were deleted)

logparser "SELECT DISTINCT TO_LOWERCASE(cs-uri-stem) AS URL, Count(*) AS Hits FROM ex*.log WHERE sc-status=200 GROUP BY URL ORDER BY URL" -rtp:-1

URL                                      Hits
---------------------------------------- -----
/About.asp                               122
/Default.asp                             9823
/downloads/setup.exe                     701
/files.zip                               1
/Products.asp                            8341
/robots.txt                              2830

Show any IP address that hit the same page more than 50 times in a single day

logparser "SELECT DISTINCT date, cs-uri-stem, c-ip, Count(*) AS Hits FROM ex*.log GROUP BY date, c-ip, cs-uri-stem HAVING Hits>50 ORDER BY Hits Desc" -rtp:-1

date       cs-uri-stem                         c-ip            Hits
---------- ----------------------------------- --------------- ----
2003-05-19 /Products.asp                       203.195.18.24   281
2003-06-22 /Products.asp                       210.230.200.54  98
2003-06-05 /Products.asp                       203.195.18.24   91
2003-05-07 /Default.asp                        198.132.116.174 74
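
Added example (not part of GregD's post or the guide it links to): a Python version of the two log queries above, extended to compare the 200-status URLs with a listing of the web root so that files which were served but have since been deleted stand out. The log lines, IP addresses and the `files_on_disk` listing are constructed assumptions.

```python
from collections import Counter

# Constructed sample in W3C extended format; every value here is made up.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2003-06-22 06:00:01 192.0.2.10 GET /Default.asp 200
2003-06-22 06:00:05 192.0.2.10 GET /About.asp 200
2003-06-22 06:01:00 198.51.100.7 GET /files.zip 200
2003-06-22 06:02:00 198.51.100.7 GET /cmd.asp 404
2003-06-22 06:03:00 198.51.100.7 GET /Files.zip 200
""" + "".join(
    f"2003-06-22 07:00:{i:02d} 203.0.113.5 GET /Products.asp 200\n" for i in range(51)
)

def parse_w3c(text):
    """Yield one dict per request, keyed by the latest #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def served_ok(records):
    """Like the sc-status=200 query: lower-cased URL -> hit count."""
    return Counter(r["cs-uri-stem"].lower()
                   for r in records if r["sc-status"] == "200")

def missing_from_disk(hits, files_on_disk):
    """URLs served with 200 that have no matching file in the web root now.
    URLs answered by handlers or virtual directories will also show up here."""
    present = {f.lower() for f in files_on_disk}
    return sorted(url for url in hits if url not in present)

def heavy_hitters(records, threshold=50):
    """Like HAVING Hits>50 grouped by date, c-ip, cs-uri-stem."""
    counts = Counter((r["date"], r["c-ip"], r["cs-uri-stem"]) for r in records)
    return [(key, n) for key, n in counts.most_common() if n > threshold]

if __name__ == "__main__":
    recs = list(parse_w3c(SAMPLE_LOG))
    on_disk = ["/Default.asp", "/About.asp", "/Products.asp"]  # constructed listing
    print(missing_from_disk(served_ok(recs), on_disk))
    print(heavy_hitters(recs))
```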