命令中的{0}代表源日志文件的路径，实际运行的时候请替换为真实路径
命令中的{1}代表日志导出到的文件的路径，实际运行的时候请替换为真实路径
例如：
7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,bytessent from 'd:\iislog\w3svc\sss.ibl' to 'd:\a.log' order by bytessent desc"


1、查询某IP访问某网站的某网页的次数，倒序排列
7i24iislog.exe -i:BIN -o:W3C "select clientipaddress,siteid,uristem,count(clientipaddress) from '{0}' to '{1}' group by clientipaddress,uristem,siteid order by count(clientipaddress) desc"

2、某IP访问整个服务器网站的次数
7i24iislog.exe -i:BIN -o:W3C "select clientipaddress,count(clientipaddress) from '{0}' to '{1}' group by clientipaddress order by count(clientipaddress) desc"

3、按照接收数据（用户上传）大小排列
7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,bytesreceived from '{0}' to '{1}' order by bytesreceived desc"

4、按照发送数据（用户下载）大小排列
7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,bytessent from '{0}' to '{1}' order by bytessent desc"

5、检测PHP发包
7i24iislog.exe -i:BIN -o:W3C "select siteid,uristem,uriquery from '{0}' to '{1}' where uriquery like '%port=%' and uriquery like '%ip=%'"
来源：互联网
免责声明：如果侵犯了您的权益，请联系站长（1277306191@qq.com），我们会及时删除侵权内容，谢谢合作！