我有以下LogParser 2.2查询,该查询将查找Exchange 2010集线器传输的SMTP日志中的所有SMTP错误,并将其输出到SQL Server 2008 R2数据库。这工作正常,但我想添加错误源自的日志文件的名称作为字段名称(这将使跟踪更多有关错误的详细信息更容易)。有没有办法在字段列表中包含日志文件名?
"C:\Program Files (x86)\Log Parser 2.2\logparser.exe"
"SELECT
'Prospect' as ExchangeServer,
'Receive' as SmtpType,
TO_LOCALTIME(TO_TIMESTAMP(STRCAT(STRCAT(EXTRACT_PREFIX(TO_STRING([#Fields: date-time]),0,'T'),' '),EXTRACT_PREFIX(EXTRACT_SUFFIX(TO_STRING([#Fields: date-time]),0,'T'),0,'.')),'yyyy-MM-dd HH:mm:ss')) as Timestamp,
connector-id as Connector,
EXTRACT_PREFIX(local-endpoint,0,':') as ServerIP,
TO_INT(EXTRACT_SUFFIX(local-endpoint,0,':')) as ServerPort,
REVERSEDNS(EXTRACT_PREFIX(local-endpoint,0,':')) as ServerName,
EXTRACT_PREFIX(remote-endpoint,0,':') as ClientIP,
TO_INT(EXTRACT_SUFFIX(remote-endpoint,0,':')) as ClientPort,
REVERSEDNS(EXTRACT_PREFIX(remote-endpoint,0,':')) as ClientName,
TO_INT(EXTRACT_PREFIX(data,0,' ')) as Error, event as Event, data as Data,
context as Context
INTO SmtpLog
FROM 'E:\Log Files\SMTP\Receive\*.LOG'
WHERE (event = '>') and ((data LIKE '5%%') or (data like '4%%'))"
-i:CSV -nSkipLines:4 -o:SQL -server:DbServer -database:DbName -createTable:ON -clearTable:ON
答案 0 :(得分:4)
在所选列中,添加Logfilename
您也可能会发现LogRow很有用。