Just stumbled upon: Forensic Log Parsing with Microsoft’s LogParser.
Investigating a web-based intrusion can be a daunting task, especially when you have no information other than knowing it was web-based. It is easy to waste precious time digging through megabytes, perhaps even gigabytes, of log files trying to locate suspicious activity. Often this search turns up little useful evidence.
SANS also has a post about Log Parser: Computer Forensics How-To: Microsoft Log Parser.
Download Log Parser 2.2 from Microsoft.
My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization.