• Questions that should be easy to answer: Tips for analyzing log files
  Search a log and count the hosts:
      cat log | jq -c '.host' | sort | uniq -c | sort -n
  To see more about the host “Apache”:
      cat log | grep "Apache" | jq
  Search in gzipped logs:
      zgrep "Apache" log.gz
      zcat log.gz | grep "Apache"
  Convert…

  • journalctl

    A user can write arbitrary text into the logs. Messages can be faked, which could alert persons or surveillance systems. https://turbochaos.blogspot.com/2014/08/journalctl-terminal-escape-injection.html?view=classic
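
One way to spot such faked entries when reviewing `journalctl -o json` output, as an added example that is not from the original page: compare the identifier the writer chose with the `_COMM` field that journald itself records, and flag control characters in the message. The `EXPECTED_COMM` mapping, the function names and the sample entries are assumptions constructed for illustration.

```python
import json

# Assumption: trusted _COMM values allowed to log under each identifier here.
EXPECTED_COMM = {"sshd": {"sshd"}, "sudo": {"sudo"}}

def message_text(value):
    """Decode MESSAGE as exported by `journalctl -o json`."""
    if isinstance(value, list) and all(
            isinstance(b, int) and 0 <= b < 256 for b in value):
        # Fields with non-printable bytes are exported as arrays of byte values.
        return bytes(value).decode("utf-8", "replace")
    return value if isinstance(value, str) else ""

def audit_entry(entry):
    """Return the reasons one journal entry looks forged or hostile."""
    reasons = []
    ident = entry.get("SYSLOG_IDENTIFIER")   # chosen by the writing process
    comm = entry.get("_COMM")                # "_" fields are added by journald
    if isinstance(ident, str) and ident in EXPECTED_COMM \
            and comm not in EXPECTED_COMM[ident]:
        reasons.append(f"identifier {ident!r} written by process {comm!r}")
    text = message_text(entry.get("MESSAGE"))
    if any((ord(c) < 0x20 and c not in "\t\n") or ord(c) == 0x7F for c in text):
        reasons.append("control characters in MESSAGE")
    return reasons

def audit_journal(lines):
    """Audit JSON lines; return (line number, reasons) for suspicious entries."""
    findings = []
    for number, line in enumerate(lines, 1):
        reasons = audit_entry(json.loads(line))
        if reasons:
            findings.append((number, reasons))
    return findings

# Constructed sample entries (not real log data), one JSON object per line.
SAMPLE = [
    '{"SYSLOG_IDENTIFIER":"sshd","_COMM":"sshd","_UID":"0",'
    '"MESSAGE":"Accepted publickey for alice from 192.0.2.10 port 50522 ssh2"}',
    '{"SYSLOG_IDENTIFIER":"sshd","_COMM":"logger","_UID":"1001",'
    '"MESSAGE":"Accepted password for root from 192.0.2.66 port 4711 ssh2"}',
    '{"SYSLOG_IDENTIFIER":"backup","_COMM":"logger","_UID":"1001",'
    '"MESSAGE":[100,111,110,101,27,91,50,75]}',
]

if __name__ == "__main__":
    for number, reasons in audit_journal(SAMPLE):
        print(f"entry {number}: {'; '.join(reasons)}")
```

On a live system the input would be the lines of `journalctl -o json`; the same `_COMM` and `_UID` fields can also be inspected by hand with `journalctl -o verbose`.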