For this part you will need to analyze the provided logfile part2.lo.pdf
0 likes5 views
The document outlines the process for analyzing a Linux server logfile (part2.log), detailing how log entries are structured and providing specific steps for analysis. Key tasks include loading the log file line by line, parsing the entries, identifying common components, and plotting their usage over specified time periods. The analysis aims to reveal insights about server activity, particularly regarding authentication failures.
1 of 1
Download to read offline
![For this part you will need to analyze the provided logfile part2.log. This files contains log
entries from a Linux server over the course of a month. The log entries are structured as follows:
Month Day H:M:S Level Component[ProcessID]: Content
For example the following log entry follows this format. Here the component is sshd(pam_unix)
and the content shows an authentication failure from remote host 218.188.2.4. Jun 14 15:16:01
combo sshd(pam_unix)[19939]: authentication failure; rhost=218.188.2.4
To analyze this logfile, perform the following steps:
1. Open the log file such that only a single line at a time is loaded into memory. [1]
2. Parse the log file and record the fields highlighted above. [5]
3. Create a datetime object to record the date. [2]
4. Find and print the three most commonly used components. [3]
5. Briefly describe these components as a comment in your program/notebook. One or two
sentences for each is sufficient. [3]
6. Create a plot that shows then these three common components were used throughout the day.
Divide the day into 2 periods (working hours and after hours) and plot the number of entrys for
each component during those periods. Working hours are between 9 and 5. [5]](https://image.slidesharecdn.com/forthispartyouwillneedtoanalyzetheprovidedlogfilepart2-231006123417-72443e8f/85/For-this-part-you-will-need-to-analyze-the-provided-logfile-part2-lo-pdf-1-320.jpg)
More Related Content
Similar to For this part you will need to analyze the provided logfile part2.lo.pdf (20)
Ad
More from mail931892 (14)
Ad
Recently uploaded (20)
For this part you will need to analyze the provided logfile part2.lo.pdf
- 1. For this part you will need to analyze the provided logfile part2.log. This files contains log entries from a Linux server over the course of a month. The log entries are structured as follows: Month Day H:M:S Level Component[ProcessID]: Content For example the following log entry follows this format. Here the component is sshd(pam_unix) and the content shows an authentication failure from remote host 218.188.2.4. Jun 14 15:16:01 combo sshd(pam_unix)[19939]: authentication failure; rhost=218.188.2.4 To analyze this logfile, perform the following steps: 1. Open the log file such that only a single line at a time is loaded into memory. [1] 2. Parse the log file and record the fields highlighted above. [5] 3. Create a datetime object to record the date. [2] 4. Find and print the three most commonly used components. [3] 5. Briefly describe these components as a comment in your program/notebook. One or two sentences for each is sufficient. [3] 6. Create a plot that shows then these three common components were used throughout the day. Divide the day into 2 periods (working hours and after hours) and plot the number of entrys for each component during those periods. Working hours are between 9 and 5. [5]