It has been a long time since I did something along those lines on Exchange 2003, but maybe this could put you on the right direction:
LogParser.exe -i:W3C -o:CSV "SELECT DISTINCT [Date],[Time],[Client-hostname],[Sender-Address],[Recipient-Address], [Message-Subject] FROM \\SERVIDOR\SERVIDOR.LOG\AAAAMMDD.LOG TO 'c:\temp\AAAAMMDD_SERVIDOR.CSV' WHERE [Server-hostname] LIKE '%SERVIDOR%' OR [Client-hostname] LIKE '%SERVIDOR%'" There’s a little more details here http://rcalmeida.net/?p=93, but unfortunately it’s in Brazilian Portuguese. So if you’re not into the google translator thing, drop me a line and I'll give you a hand. Hope that helps! Rubena Sent from my Windows 10 phone From: John Matteson Sent: Thursday, March 10, 2016 5:49 PM To: [email protected] Subject: [Exchange] Using LogParser Studio for SMTP log parsing Looking for information on the query needed to parse out the remote-endpoint IP address in Exchange 2010 transport protocol logs. I'd like to build this in LogParser Studio to get an CSV output that I can massage further before sending up to management. Any hints or pointers? I've Googled the subject, but haven't found much information that addresses my situation. Thanks. John M.
