Apache Log Analysis – PowerShell Commands

The following PowerShell commands complete Deliverables 3 through 9.
Each section explains in simple terms what the command does.

# ===========================
# Deliverable 3
# List every log file in the Apache logs folder.
# This shows which .log files exist.
Get-ChildItem "C:\xampp\apache\logs" -File

# ===========================
# Deliverable 4
# Show the last five lines from the access log.
# Useful to view the most recent activity.
Get-Content "C:\xampp\apache\logs\access.log" -Tail 5

# ===========================
# Deliverable 5
# Show only lines that contain 404 or 400.
# Isolates Not Found and Bad Request entries.
Get-Content "C:\xampp\apache\logs\access.log" |
    Where-Object { $_ -match ' 404 ' -or $_ -match ' 400 ' }

# ===========================
# Deliverable 6
# Show only lines that do NOT contain 200.
# Removes successful requests so only problem entries remain.
Get-Content "C:\xampp\apache\logs\access.log" |
    Where-Object { $_ -notmatch ' 200 ' }

# ===========================
# Deliverable 7
# Search every .log file for the word 'error' and show the last five matches.
# Quickly surfaces recent error messages across all logs.
$A = @(Get-ChildItem -Path "C:\xampp\apache\logs" -Filter *.log |
      Select-String -Pattern 'error')
$A | Select-Object -Last 5

# ===========================
# Deliverable 8
# Extract only the IP addresses for 404 (Not Found) records.
# Gives a list of who triggered the not found responses.
$log = "C:\xampp\apache\logs\access.log"
$ips = Select-String -Path $log -Pattern '^(?<ip>\S+).+ 404 ' |
        ForEach-Object { $_.Matches[0].Groups['ip'].Value }
$ips

# ===========================
# Deliverable 9
# Count how many IP addresses were collected in step 8.
# Provides the total number of unique 404 sources.
$ips.Count