LogParser query to grab only external IP addresses from IIS logs?

tags:

views:

104

answers:

1

Q:

LogParser query to grab only external IP addresses from IIS logs?

I tried this question over at ServerFault and didn't have any luck, so I thought I'd try here.

I'm working on a public website that is used by both external visitors and internal employees. I'm after the external visitor hits, but I can't think of a good way to filter out the internal IP ranges.

Using LogParser, what is the best way to filter IISW3C logs by IP range?

This is all I've come up with so far, which can't possibly be the best or most efficient way.

WHERE [c-ip] NOT LIKE (10.10.%, 10.11.%)

Any help is appreciated.

+1 A:

The only other option is to use IPV4_TO_INT and Bitwise functions in your where clause. Personally I think what you have right now will be more readable and easier to maintain.

JD 2010-02-03 03:29:28

I had looked at the `IPV4_TO_INT` function but, as you pointed out, I think the readability would suffer greatly. Do you have any idea how well that function performs? Since this is for a one off query, I would use it if significantly faster. If not faster, I doubt I could justify it.

Josh 2010-02-03 22:07:46

No, I do not have any facts that show perfomance of one technique vs. another. I doubt performance is different between the two since logparser is not really using an optimization engine for the SQL.

JD 2010-02-04 00:19:34

ansaurus

tags:

views:

answers:

LogParser query to grab only external IP addresses from IIS logs?

related questions