Hey all - let me kick off by saying I think Log Parser is a wonderful bit of software
However, using it I've run into a bit of an issue - allow me to sketch my situation first.
I'm parsing MS DHCP Logfiles in order to send them to a Linux box. The obvious choice to send this information with was the SYSLOG output - which works like a charm, over both UDP and TCP.
The thing is however, that sending the information over TCP caused all lines to end up in one big blob of information. Not impossible to parse, but not particularly pretty either.
Allow me to illustrate with an example (a):
-----
<14>May 10 14:17:50 Q2K3-AD LogParser:c:\WINDOWS\System32\dhcp\DhcpSrvLog-Thu.log 264 11,05/10/07,15:34:49,Renew,10.200.1.100,qcam,00031B568036,<14>May 10
14:17:50 Q2K3-AD LogParser:c:\WINDOWS\System32\dhcp\DhcpSrvLog-Thu.log 265 11,05/10/07,15:35:33,Renew,10.200.1.100,qcam,00031B568036,<14>May 10 14:17:50
Q2K3-AD LogParser:c:\WINDOWS\System32\dhcp\DhcpSrvLog-Thu.log 266 11,05/10/07,15:36:18,Renew,10.200.1.100,qcam,00031B568036,
-----
would look a lot better if it were shaped like this (b), especially to the human eye
-----
<14>May 10 14:17:50 Q2K3-AD LogParser:c:\WINDOWS\System32\dhcp\DhcpSrvLog-Thu.log 264 11,05/10/07,15:34:49,Renew,10.200.1.100,qcam,00031B568036,
<14>May 10 14:17:50 Q2K3-AD LogParser:c:\WINDOWS\System32\dhcp\DhcpSrvLog-Thu.log 265 11,05/10/07,15:35:33,Renew,10.200.1.100,qcam,00031B568036,
<14>May 10 14:17:50 Q2K3-AD LogParser:c:\WINDOWS\System32\dhcp\DhcpSrvLog-Thu.log 266 11,05/10/07,15:36:18,Renew,10.200.1.100,qcam,00031B568036,
-----
My current commandline looks like this:
----
LogParser "SELECT * INTO @1.2.3.4:1234 FROM c:\*.Log" -i:TEXTLINE -o:SYSLOG -iCheckpoint:checkpoints.lpc -protocol:TCP
----
My question would be as follows: is it possible to make it so that (a) gets formatted like (b) (i.e. with newlines between each parsed line)? And, if yes, how?
Alternatively, some sort of separator character would work for my purposes as well ofcourse - any pointers or solid information is most welcome!