Log Parser
I wonder if there's a better way to accomplish this:
C:\Program Files\Log Parser 2.2>logparser "SELECT [#Fields: date-time],session-id,remote-endpoint,data FROM RECV200912*.log WHERE session-id = (SELECT DISTINCT session-id FROM RECV200912*.log WHERE data LIKE '%MAIL FROM%someguy@domain.com%')" -i:CSV -nSkipLines:4 -o:DATAGRID -q
My SQL experience amounts to the above text and two chapters of example problems from Learning SQL so I'm a bit on the novice side, to put it lightly.
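The same correlation can also be done in two passes outside Log Parser. The Python below is an added example, not code from the original post: it takes column names from the #Fields: line instead of skipping a fixed four lines, and it keeps every session whose MAIL FROM matches rather than a single one. The log sample, its session ids and its endpoints are constructed, and it carries only the four columns the query selects.

```python
import csv
import re

# Constructed sample: four directive lines (what -nSkipLines:4 skips), then
# the "#Fields:" header. Only the four columns the query selects are included.
SAMPLE_LOG = """\
#Software: Microsoft Exchange Server
#Version: (constructed)
#Log-type: SMTP Receive Protocol Log
#Date: 2009-12-01T00:00:00.000Z
#Fields: date-time,session-id,remote-endpoint,data
2009-12-01T08:00:01.000Z,SESS-A,192.0.2.10:4021,EHLO client.example.net
2009-12-01T08:00:02.000Z,SESS-A,192.0.2.10:4021,MAIL FROM:<someguy@domain.com> SIZE=2048
2009-12-01T08:00:03.000Z,SESS-B,198.51.100.7:5530,MAIL FROM:<other@example.net>
2009-12-01T08:00:04.000Z,SESS-A,192.0.2.10:4021,RCPT TO:<user@example.org>
2009-12-01T08:00:05.000Z,SESS-B,198.51.100.7:5530,RCPT TO:<someguy@domain.com>
2009-12-01T09:30:00.000Z,SESS-C,203.0.113.44:1188,mail from:<SomeGuy@Domain.com>
2009-12-01T09:30:01.000Z,SESS-C,203.0.113.44:1188,"250 2.1.0 Sender OK, continue"
""".splitlines()


def read_rows(lines):
    """Yield one dict per record, naming columns from the '#Fields:' line."""
    fields = None
    for line in lines:
        if line.startswith("#Fields:"):
            fields = [f.strip() for f in line[len("#Fields:"):].split(",")]
        elif fields and line and not line.startswith("#"):
            yield dict(zip(fields, next(csv.reader([line]))))


def sessions_for_sender(lines, sender):
    """Return every row of every session whose MAIL FROM names `sender`."""
    # `lines` must be re-iterable (a list); with files, reopen for pass two.
    # re.escape keeps the dots in the address literal; SMTP verbs are
    # case-insensitive, hence IGNORECASE.
    pattern = re.compile(r"MAIL FROM.*" + re.escape(sender), re.IGNORECASE)
    # Pass 1: collect the session ids (the inner SELECT DISTINCT).
    wanted = {r.get("session-id") for r in read_rows(lines)
              if pattern.search(r.get("data") or "")}
    # Pass 2: keep all rows of those sessions, in log order (the outer SELECT).
    return [r for r in read_rows(lines) if r.get("session-id") in wanted]


if __name__ == "__main__":
    for row in sessions_for_sender(SAMPLE_LOG, "someguy@domain.com"):
        print(row["date-time"], row["session-id"],
              row["remote-endpoint"], row["data"], sep="\t")
```

SESS-B is left out even though the address appears in it, because there it is a recipient and not the MAIL FROM sender.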
Perl of the day
M:\>perl -ne "if (m/(\d{2}:\d{2}:\d{2}).*?W3SVC\d+ .*?([A-Z]+) (\S+) (\S+) 80 - (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) [A-Za-z].*? ([^23]\d{2}) 0 0/i) {print qq{$1 $5\t$6 $2\t$3 $4\n} }" \\webserver\LogFiles\W3SVC1513329900\ex090303.log
Another hideous regex, but this gives me a decent summary report of:
Timestamp ($1)
Source IP ($5)
HTTP status (that doesn't begin with 2 or 3) ($6)
HTTP method ($2)
URI stem ($3)
Page parameters ($4)

