Log review

Wrote a simple script to aid with log review using keywords. You can use the below by substituting the keywords as well as log source.

#!/bin/bash
grep "Authentication fail" /mnt/c/monthly/app.log > /mnt/c/monthly/app-fail.txt
grep "Authentication fail" /mnt/c/monthly/os.log > /mnt/c/monthly/os-fail.txt
at No comments:
Labels: , ,
Subscribe to: Posts (Atom)

VM for ransomware investigations

 My laundry list of tools/software useful when investigating ransomware cases.    Tor: Obviously need this to access Onion sites. Transmissi...

  • "An error occured in avast! engine: Invalid argument"
    This annoying message popped up after I ran the update in avast! in Ubuntu yesterday. avast! crashes every time I attempt to launch it after...
  • Zbot
    Downloaded a sample of "Zbot" from Offensive Computing's site . I'm no reverse engineering guru but decided to give it a ...