Parsing IIS Logs to PowerShell Objects

I recently had to find all the client IP’s a certain user used to connect to a system, using IIS logs as the source. I know there is a log parser that can be used for this. But I wanted to be able to use the results in another PowerShell script which is why I chose PowerShell to filter the results.

I wrote a small PowerShell cmdLet to convert IIS logs to PowerShell objects so that I could manipulated them easily and pass the results to other cmdLets.

The CmdLet can be found in my GitHub repo.

Examples of using the CmdLet below

About the author

Ben Taylor

Cloud and PowerShell enthusiast with a penchant for automation and CI.

View all posts


  • Really helpfull!
    All 404 (file not found) requests:
    (Get-ChildItem -Path “D:\inetpub\logs\logfiles\W3SVC5” -Filter *.log | Sort-Object -Property LastwriteTime -Desc
    ending)[0].Fullname | Convert-IISLogsToObject | Where { $_.’sc-status’ -eq ‘404’} | Group-Object -Property cs-uri-stem |
    Select Count, Name | Format-List

  • +1 on the helpful / thank-you front!

    Used this to find the client IP addresses of all 403.16 errors in some or all IIS log files!

Leave a Reply

Your email address will not be published. Required fields are marked *