Question
Assignment # 3 has two goals. First, to help students to learn about Linux logs; what information is recorded there and how that information can be useful to a system administrator. Second, to learn to use BASH scripting to manage and analyze log contents.
In general, important information and unusual conditions are commonly recorded by the operating system and applications. This information is written into logfiles. Generally, logfiles are organized by category. For example, information about user logins is recorded to a system authentication log.
This log is important to a system administrator because it will record all login attempts for a machine or network. If a network is under attack from a hacker, this log can provide information about who is trying to break in (IP addresses), how many attempts, and reasons that the login failed. Collectively, this information can provide a system admin with information that can help defend against such attacks.
For large networks, these logs can accumulate millions of entries over a relatively short period of time, so it is useful for system admins to develop BASH scripts that will allow them to manage logs or search them for certain conditions.
Some scripts that would be useful for working with an authentication log would be:
Archive script that copies the authentication log into an archive folder daily and appends the month and day to the log name and deletes content of the regular log
Example: on Jan authentication.log is copied to an archive folder as authenticationlog
This would keep log sizes small and organize them by days
Search script that allows an administrator to see the number of failed login attempts by username for any given day. This would show what accounts are being targeted.
Search script that allows an administrator to see all login activity for a given user. This would show detailed information about who, when, and how an account is being targeted.
For information on Linux system logfiles, visit any distribution download site for Linux and look over the information on logfiles. There should be sample logs with an explanation of what information is recorded in each log.
Likewise, visit application download sites like Apache and you can review similar logging information for each Linux application.
For this assignment, choose system logfiles and application files. Review log content from download sites. Once you understand the logfile content, think about what information would be important to a system admin and possibly create a search script to find that information. You could search by date or username on many logs. You could search for specific error conditions on others. Under the idea of log management, you could create any archive script as listed above.
DO NOT create a single script and modify it for all selected logs. I want to see a UNIQUE script for each selected logfile.
You may use the snippets file for logfile samples OR you may find your own at any download site.
NOTE: Logfiles are similar across multiple Linux distributions BUT each one may differ in the information included and syntax used to record the log. As such, scripts must be tailored to each distribution's logfiles.
Choose log files.
For each of the logs you should perform the following tasks:
Describe the log
Create script that may be useful in managing the log
Illustrate why the script would be useful
Create one regular expression that may be useful in analyzing the log
Describe the rules that dictate the pattern of the regular expression
Illustrate why the regular expression would be useful.
The regular expression should be part of the script
When describing the log please provide sample lines and discuss them briefly.
The five logs should be divided as follows:
Three logs generated by the system, for example: daemon, kern, syslog
Two logs generated by installed applications, for example: mysql, apache
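An added example (not part of the original question or of any answer on this page) of the failed-login search script described above: it counts failed SSH password attempts per username for one day. It assumes traditional syslog timestamps and OpenSSH "Failed password" messages as written to a Debian/Ubuntu-style /var/log/auth.log; the function names and the sample lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. Assumes Debian/Ubuntu-style auth.log lines: traditional
# syslog timestamp plus OpenSSH "Failed password" messages.

# Constructed sample data (documentation IP ranges, made-up host and users).
sample_log() {
cat <<'EOF'
Jan  5 10:01:02 web01 sshd[1201]: Failed password for root from 203.0.113.7 port 50122 ssh2
Jan  5 10:01:05 web01 sshd[1201]: message repeated 2 times: [ Failed password for root from 203.0.113.7 port 50122 ssh2]
Jan  5 10:02:11 web01 sshd[1207]: Failed password for invalid user admin from 198.51.100.23 port 41877 ssh2
Jan  5 10:03:40 web01 sshd[1210]: Accepted password for alice from 192.0.2.10 port 60214 ssh2
Jan  5 11:15:09 web01 sshd[1302]: Failed password for alice from 198.51.100.23 port 41990 ssh2
Jan  6 00:00:03 web01 sshd[1410]: Failed password for root from 203.0.113.7 port 50300 ssh2
Jan 15 09:00:00 web01 sshd[2001]: Failed password for invalid user test from 203.0.113.7 port 50555 ssh2
EOF
}

# failed_by_user MONTH DAY: read a log on stdin, print "COUNT USER" per line,
# highest count first.
failed_by_user() {
  local month=$1 day=$2
  awk -v mon="$month" -v day="$day" '
    # Default field splitting absorbs the padding in "Jan  5", so $2 is the day.
    $1 == mon && $2 + 0 == day + 0 && /sshd\[[0-9]+\]: .*Failed password for / {
      n = 1
      # rsyslog folds duplicates into "message repeated N times: [ ... ]".
      if (match($0, /message repeated [0-9]+ times/)) {
        split(substr($0, RSTART, RLENGTH), p, " ")
        n = p[3]
      }
      user = $0
      sub(/.*Failed password for (invalid user )?/, "", user)
      # The username is attacker-supplied text: strip the fixed tail from the
      # end of the line instead of cutting at the first " from ".
      sub(/ from [^ ]+ port [0-9]+( ssh2)?\]?$/, "", user)
      count[user] += n
    }
    END { for (u in count) print count[u], u }
  ' | sort -k1,1nr -k2,2
}

# Demo run on the constructed sample.
sample_log | failed_by_user Jan 5
```

On a live system the same function reads the real file, for example `failed_by_user Jan 5 < /var/log/auth.log`.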