One of the best video walkthroughs of all time.

Great introduction to the topic, a few things that i think are worth mentioning, once people have learned the commands that were being demonstrated: If the logs your using have a variable amount of spaces between columns (to make things look nice), that can mess up using cut, to get around that you can use `sed 's/ */ /g` to replace any n spaces in a row with a single space. You can also use awk to replace the sed/cut combo, but that's a whole different topic. uniq also has the extremely useful -c flag which will add a count of how many instances of each item there were. And as an aside if people wanted to cut down on the number of commands used you can do things like `grep expression filepath` or `sort -u` (on a new enough system), but in the context of this video it is probably better that people learn about the existence of the stand alone utilities, which can be more versatile. Once you're confident in using the tools mentioned in the video, but you still find that you need more granularity than the grep/grep -v combo, you can use globbing, which involves special characters that represent concepts like "the start of a line"(^) or the wildcard "any thing"(*) (for example `grep "^Hello*World"` means any line that starts with Hello, and at some point also contains World, with anything or nothing in-between/after). If that still isn't enough you might want to look into using regular expressions with grep, but they can be even harder to wrap your mind around if you've never used them before. (If you don't understand globbing or re really are just from reading this that's fine, I'm just trying to give you the right terms to Google, because once you know something's name it becomes infinitely easier to find resources on them)

Doing this basically as a task for multiple questions in Uni. This is the only video that really made it click. Please do more tutorials, your content is fantastic!

I am checking this video 3year after upload. The video tutorial is on point and clear.

this one is one of the most helpful tutorials out there that show how powerful grep and pipe are. Thanks for sharing that and I hope you make more cool stuff.

This is a wonderful video. A perfect set to be learnt in order to crack interviews.

that was one of the most useful and simple tutorial i've ever seen

This video has been hugely helpful to me when parsing through log files of numerous types manually (IPtables, Netflow, SSH). Thank you very much mate.

I was searching for all command combinations in reading logs to extract an info. this video is great.

Thanks! That was informative. The only thing I would have done differently is flip the order of uniq -d and sort. Less items to sort after uniq filters them out.

You are very good at Linux, hope you continue sharing your knowledge!

this is exactly what I was looking for and even more! thank you so much!

Thanks for this one. Helped a lot

Concept explained well in a short video.

Thanks a lot that's very helpfull I would like to see more cases of analyzing the logs, to learn from you build more experience in that regard thanks

Thanks.. very helpful and will be using this as a reference from now on

You sir are incredible at teaching

Simple and straightforward ❤

Honestly i was looking for a long time for some good videos for linux, and sir I can tell you, your videos are gold! Thx a lot!

Awesome tutorial on cat and grep, Thanks...

It would be nice to see some range greps, meaning pull out all the IP's that hit the systems between 20:00 and 22:00 or something like that

great video, grep -v is quite useful. thanks for sharing this

Short and very usefull. Impressed :)

Thankyou this video was exactly what i needed

REALLY HELPED THANK YOU SO MUCH

Awesome video! Please don’t stop making Linux, bash, ethical hacking related videos. Thank you. Subscribed!! 😊

Muy buen video, gracias por compartir, saludos desde México

😊 great videos 👍 thank you!!!

Nice tutorial. I'm interested in what you have on that server that is gaining that much attention.

you have a great explanation way

thanks for the amazing video love it

If I wanted to count the number of times that each unique instance showed up. What would I do for that? Would I do the unique and then do the word count for each instance by using grep for that specific phrase?

@Hackpens very informative video mate. Thanks for sharing. What is this tool you are using? Do you have any video for beginner? I really need to learn this stuff. Kindly help. Thanks again.

You want the duplicates if they are from different source IP addresses as this means that different people have tried the same user names to access your system

thank you this is very helpful

Back in late 90's I wrote a script to track backup take useage.

You could configure fail2ban not only for sshd but also for nginx requests to catch 400-404 errors.

Very useful tutorial for me

Thanks for a great vid!

From description: > _"I show you how to filter information from a .log file, and you find out just how important strong passwords really are."_ i always wondered that pattern matching has smth to do with password security, but then i thought, you have to have passwords to apply pattern matching on 'em right? 'cz the password input field of a site doesn't accept regex, and generating exhaustive strings from regex doesn't help either... so, what are scenario we are imagining for talking about regex in context of secure passwords?

Thx. Very helpful.

thank you for this helpful video for a dummy like me!

Great info and an enjoyable watch 👍👏

Gold sir 🔥

Hi Sir, I have a log file which I cannot see after the command cd /var/log Please give me some suggestions thank you

YES YES YES YES!! MORE OF THIS!!

I’m on windows and I’m currently tasked with finding stuff for a log file they gave me

from the ip addres can you find out their location ?

hOW CAN I SEE ALL FILES ON HARD DRIVE OR USB ? AND HOW COULD DECRYPTED FILES BE ERASED OR OVERWRITE WITH SUDO SHRED ?

sir can we use awk instead of cut?

Now dump all the unique IPs into a text file, and run nslookup on each one. $50 says they all are located in China or Russia. At least %98-99 of them. At least that's what I always end up finding.

hi do you know how to copy log file from cowrie honeypot is on?

awesome video

Hi, great videos again :D Is this amaount of tried logins normal ? If so, this is a bit scary... Is there a way to "hide" the server ? Im a beginner, pls excuse a potential dumb questions/statement.

nice , except cut -d " " -f x not working for me , i will dig durther to figure out why..

Good vid, thank you

16 th field from experience still blow away

Thank you!

I learned something new, but I was searching different ting, here is that , kindly help with "How to grep a log file within a specific time period in Linux and with a specific keyword"

For compressed files, zcat zgrep

your awesome thank you Sir

Without changing directory how can we do

An idiom I like to use is to rank occurrences of things. If I were interested if there are repeated items, after I sorted the lines, I’d do a unique count and a numerical sort, like this: … | sort | uniq -c | sort -rn | head So I can see the top 10 repeated lines.

How to filter having above 8 character words🤔🤔

I put a custom messge saying it's the FBI'S system that displays on every ssh attempt

How to filter logs with root user details and 200 response

thank you

*grep "a_string" filename* - there is no need to use cat in any of the two case presented in this video.

I would suggest not to clear the screen so often. It could be helpful to see the line structure you are working on. Two or the [ Enter ] would do ...

farhan was here

ain't it grep -w instead of grep -v

6:36 someone tried Minecraft lol

Good

genius

Cool

awk '{print $11}'

thank you so much for this tutorial it helped me a lot with understanding of cat, grep and sort. Are you able to tell me what this command would do "cat -rf ~/syslog | sort | grep -iaE -A 5 'cpu[1-7].*(7[0-9]|8[0-9]|100)' | tee cpu.txt" specifically the numbers after cpu which seem to me like it's a time stamp

Quick revision: #cat auth.log | grep "invalid" | cut -d " " -f 11 | sort | uniq | wc -l #cat fail2ban.log | grep "Ban" | grep -v "Restore" | cut -d " " -f 16 | sort | uniq -d > ~/uniq_ips.txt