Log review

Wrote a simple script to aid with log review using keywords. You can use the below by substituting the keywords as well as log source.

#!/bin/bash
grep "Authentication fail" /mnt/c/monthly/app.log > /mnt/c/monthly/app-fail.txt
grep "Authentication fail" /mnt/c/monthly/os.log > /mnt/c/monthly/os-fail.txt
at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

VM for ransomware investigations

 My laundry list of tools/software useful when investigating ransomware cases.   Tor: Obviously need this to access Onion sites. qBittorrent...

  • "An error occured in avast! engine: Invalid argument"
    This annoying message popped up after I ran the update in avast! in Ubuntu yesterday. avast! crashes every time I attempt to launch it after...
  • NeXpose vs Nessus
    I've used Nessus for years. I only recently heard of NeXpose after Rapid7 started funding Metasploit and promised to integrate their sca...