This GitHub repo provides resources and examples for doing log analysis from the command line. It focuses specifically on Bash and *nix systems. It is also "documentation" for myself.
This is mostly targeted at people in infosec and people who do sysadmin/networking work, but it may be useful for anyone else who needs to do quick data analysis from the command line.
You need a Bash shell, the ability to install tools, and some basic Linux commands. Some understanding of different log types is required. I'm using Ubuntu and its default shell.
You should be able to clone this GitHub repo and follow along with the example part, or you can copy and paste the commands.
- Basic commands, their usage, and resources
- Additionally, this section talks about common log types
- This section works through actual log analysis and answers questions about the logs
- https://stedolan.github.io/jq/
- https://github.com/alexhallam/tv
- https://github.com/BurntSushi/ripgrep
- https://github.com/rcoh/angle-grinder
- https://twitter.com/amilajack/status/1479328649820000256 - might be useful to review for additional tools
- https://github.com/logpai/loghub
- https://sec.okta.com/articles/2020/06/intro-log-analysis-harnessing-command-line-tools-analyze-linux-logs
- https://medium.com/pythonic-forensics/useful-commands-for-log-analysis-89093d8c51a4
- https://www.loggly.com/ultimate-guide/analyzing-linux-logs/
- https://cryptokait.com/2021/02/10/command-line-log-analysis-for-the-win-1-3-how-to-approach-a-wild-log/
- https://www.xmodulo.com/interactive-apache-web-server-log-analyzer-linux.html