星外系统IIS日志分析常用的几个命令小结

命令中的{0}代表源日志文件的路径，实际运行的时候请替换为真实路径

命令中的{1}代表日志导出到的文件的路径，实际运行的时候请替换为真实路径

例如：

7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,bytessent from 'd:\iislog\w3svc\sss.ibl' to 'd:\a.log' order by bytessent desc"

1、查询某IP访问某网站的某网页的次数，倒序排列

7i24iislog.exe -i:BIN -o:W3C "select clientipaddress,siteid,uristem,count(clientipaddress) from '{0}' to '{1}' group by clientipaddress,uristem,siteid order by count(clientipaddress) desc"

2、某IP访问整个服务器网站的次数

7i24iislog.exe -i:BIN -o:W3C "select clientipaddress,count(clientipaddress) from '{0}' to '{1}' group by clientipaddress order by count(clientipaddress) desc"

3、按照接收数据(用户上传)大小排列

7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,bytesreceived from '{0}' to '{1}' order by bytesreceived desc"

4、按照发送数据(用户下载)大小排列

7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,bytessent from '{0}' to '{1}' order by bytessent desc"

5、检测PHP发包

7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,uriquery from '{0}' to '{1}' where uriquery like '%port=%' and uriquery like '%ip=%'"

免责声明：本文内容来自用户上传并发布，站点仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。请核实广告和内容真实性，谨慎使用。