I wrote a simple script to aid log review using keywords. You can use the script below by substituting your own keywords and log sources.
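#!/bin/bash
# Pull failed-authentication lines from the application log into a review file.
grep "Authentication fail" /mnt/c/monthly/app.log > /mnt/c/monthly/app-fail.txt
# Same keyword against the OS log.
grep "Authentication fail" /mnt/c/monthly/os.log > /mnt/c/monthly/os-fail.txt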
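The same idea generalised, as an added example rather than the original script: one function that takes a keyword file and any number of logs, so keywords and sources are substituted as arguments instead of edited in place. The function names, the `-hits.txt` naming and the sample log lines are assumptions constructed for illustration.

```bash
#!/bin/bash
# Added example: keyword-driven log review.
# Usage: review_logs OUTDIR KEYWORD_FILE LOG...
# Writes OUTDIR/<name>-hits.txt per log and prints "<name> <count>" per readable log.
review_logs() {
    local outdir="$1" keywords="$2"; shift 2
    local log base out count
    mkdir -p "$outdir" || return 2
    for log in "$@"; do
        if [ ! -r "$log" ]; then
            echo "skip: cannot read $log" >&2
            continue
        fi
        base=$(basename "$log" .log)
        out="$outdir/$base-hits.txt"
        # -F: keywords are literal strings, not regexes; -i: ignore case;
        # -n: keep line numbers so each hit can be traced back to the source log;
        # -f: one keyword per line. Exit status 1 only means "no match".
        grep -F -i -n -f "$keywords" -- "$log" > "$out" || [ $? -eq 1 ] || return 2
        count=$(wc -l < "$out")
        echo "$base $((count))"
    done
}

# Constructed sample data so the example runs offline.
demo() {
    local tmp
    tmp=$(mktemp -d) || return 2
    printf '%s\n' 'Authentication fail' 'account locked' > "$tmp/keywords.txt"
    printf '%s\n' \
        '2024-01-05 10:00:01 Authentication fail for user alice from 192.0.2.10' \
        '2024-01-05 10:00:09 Login ok for user bob' \
        '2024-01-05 10:01:13 authentication FAIL for user alice from 192.0.2.10' \
        '2024-01-05 10:01:20 Account locked: alice' > "$tmp/app.log"
    printf '%s\n' '2024-01-05 10:02:00 cron job started' > "$tmp/os.log"
    review_logs "$tmp/out" "$tmp/keywords.txt" "$tmp/app.log" "$tmp/os.log" "$tmp/missing.log"
    rm -rf "$tmp"
}
demo
```

Keep the keyword file free of blank lines: with `-F`, an empty pattern matches every line of the log.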