Mission 326

Text evidence bridge

Checkpoint numbered logs, sorted comparisons, and bounded pipelines.

Text and logs
8 minutes Capstone Lesson 326 of 360
grepnlcommwc
Lesson 326 of 360 0/360 lessons 0/17 missions Text and logs · 8 minutes
0%
Continue View profile
Ops lab terminal Training lab
New learnerrank 0XP 0%complete
learner@clairos:/home/learner $ Unix ops lab: type a command, press Enter
Instructions 8 minutes

Click any instruction for the command details, the why, and the common mistake to avoid.

Build a bounded auth view

Run grep denied /var/log/auth.log | nl | head -n 3.

grep denied /var/log/auth.log | nl | head -n 3
Compare account sets

Run comm data/users-a.txt data/users-b.txt.

comm data/users-a.txt data/users-b.txt
Count the source log

Run wc -l /var/log/auth.log.

wc -l /var/log/auth.log
Lesson support

What to notice while you play.

Objective

Build repeatable confidence with combining text tools into defensible evidence.

Hint

Start with grep denied /var/log/auth.log | nl | head -n 3, inspect the result, then continue in order.

Why it matters

Combining text tools into defensible evidence helps operators explain what they know before they change anything.

Common mistakes
  • Skipping the output that proves combining text tools into defensible evidence.
  • Changing several things before recording a baseline.
Reference

Commands in this lesson.

grep [-i] <text> <file>

Find literal text inside a file.

wc [-l] <file>

Count lines, words, and characters.

nl [file]

Number lines from a file or supported text pipeline.

comm <left> <right>

Compare two sorted text files line by line.