Using Microsoft's Log Parser

If you’re interested in forensics or log file analysis, Dave Kleiman has posted some useful information on using Microsoft’s Log Parser in forensics. As Dave says:

What is Log Parser? Microsoft’s Log Parser is perhaps the most underutilized and unknown tool for Microsoft OS’s. With this tool, retrieving vital information becomes a treat instead of a task. The tool is freely available from Microsoft.

You can download Log Parser here. Dave has a wealth of materials here on his website, and a specific presentation on using Log Parser here (rar file).

While Dave’s focus is on forensics, Log Parser is useful for all kinds of things, as it provides universal query access to log files, csv files, etc.