Please see attached.
1. You do not need to install any special tool or application to complete the lab exercises. The operating system of your computer (or VM) has several built-in commands that can be used to analyze the log files. I encourage you to use a Unix-like system (e.g. a MacBook, or your Linux VM) to do the lab, since Linux is the OS of the web nowadays. If you do not have a Unix-like machine, you may use any SFTP tool to transfer your log files to your Linux VM. Alternatively, you can use Windows PowerShell to accomplish the same goal if you are limited to a Windows-based computer. The rest of this message assumes Linux as the operating system in use.
2. The lab requires you to understand the pipe-and-filter architecture of Unix/Linux: a goal is accomplished by chaining several commands so that the output of one command is "piped" as input to the next. This is done with the "|" character in the shell.
3. For example, to answer the question "How many unique IPs are there in the apache_logs file?", you may try the following at your Linux command prompt ($), in the order shown below (note that the delimiter passed to cut must be a plain straight-quoted space, " ", not typographic quotes, which the shell will not interpret as intended):
a. $ head apache_logs
b. $ head apache_logs | cut -d " " -f 1
c. $ head apache_logs | cut -d " " -f 1 | sort
d. $ head -n 25 apache_logs | cut -d " " -f 1 | sort
e. $ head -n 25 apache_logs | cut -d " " -f 1 | sort | uniq
f. $ head -n 25 apache_logs | cut -d " " -f 1 | sort | uniq -c
g. $ head -n 25 apache_logs | cut -d " " -f 1 | sort | uniq | wc
h. $ head -n 25 apache_logs | cut -d " " -f 1 | sort | uniq | wc -l
i. $ cat apache_logs | cut -d " " -f 1 | sort | uniq | wc -l
4. Some of the lab questions may require you to use open sources (web, etc.) to research the keywords in the question and make sure you understand them. For example, to determine "How many HTTP Tunneling attempts were made?" or "How many invalid HTTP requests are present in the log?", you will need to research what HTTP Tunneling means and what invalid HTTP requests are. This understanding will help you figure out which Linux commands to use to filter your search through the log files.
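The pipelines above, gathered into reusable shell functions, as an added example that is not part of the original lab text. It assumes Apache combined-format lines with the client IP as the first space-separated field, reads the log from standard input, and uses a constructed six-line sample rather than a real capture; the "invalid request" and "tunneling" checks below are one defensible reading of those terms (a request line that is not METHOD URI HTTP/x.y, and a request using the CONNECT method, which HTTP defines for tunneling), not the only one.

```shell
#!/bin/sh
# Constructed sample of Apache combined-format log lines (not a real capture).
# One CONNECT request and one non-HTTP request ("\x16\x03\x01" is how Apache
# logs a raw TLS ClientHello sent to a plain-HTTP port) are included on purpose.
SAMPLE_LOG='203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "GET /about.html HTTP/1.1" 200 1120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:55:41 +0000] "GET /contact.html HTTP/1.1" 200 980 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "POST /login HTTP/1.1" 302 0 "-" "curl/7.88"
192.0.2.9 - - [10/Oct/2023:13:57:12 +0000] "CONNECT example.com:443 HTTP/1.1" 405 0 "-" "-"
198.51.100.7 - - [10/Oct/2023:13:58:44 +0000] "\x16\x03\x01" 400 0 "-" "-"
192.0.2.9 - - [10/Oct/2023:13:59:03 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "Mozilla/5.0"'

# Number of distinct client IPs: the same pipeline as step i, fed from stdin.
# tr strips the padding some wc implementations (e.g. macOS) put before the count.
unique_ips() {
    cut -d ' ' -f 1 | sort | uniq | wc -l | tr -d ' '
}

# Requests per IP, most active first: step f plus a numeric reverse sort.
requests_per_ip() {
    cut -d ' ' -f 1 | sort | uniq -c | sort -rn
}

# Lines whose request field is NOT a well-formed "METHOD URI HTTP/x.y".
invalid_requests() {
    grep -v -E '"(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH|CONNECT|TRACE) [^" ]+ HTTP/[0-9]\.[0-9]"' \
        | wc -l | tr -d ' '
}

# Tunneling attempts, counted as requests that use the CONNECT method.
# grep -c exits 1 when the count is 0, so "|| true" keeps the function usable under set -e.
connect_attempts() {
    grep -c -E '"CONNECT [^"]+ HTTP/[0-9]\.[0-9]"' || true
}

# Run the checks against the constructed sample; replace the printf with
# "cat apache_logs" to analyze a real file.
printf 'unique IPs:        %s\n' "$(printf '%s\n' "$SAMPLE_LOG" | unique_ips)"
printf 'invalid requests:  %s\n' "$(printf '%s\n' "$SAMPLE_LOG" | invalid_requests)"
printf 'CONNECT attempts:  %s\n' "$(printf '%s\n' "$SAMPLE_LOG" | connect_attempts)"
printf 'requests per IP:\n'
printf '%s\n' "$SAMPLE_LOG" | requests_per_ip
```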