Linux Endpoint Security: Logs
In this lab, you will discover common commands used to evaluate and analyze Linux logs and logging functions with a focus on establishing a foundation for cyber security skills.
Terms and conditions apply.
Getting Started in the Lab Environment
Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!
Interpreting Syslog events
Explore the contents of the syslog file on Linux.
Understanding auth.log Activity
Explore the contents of the auth.log file on Debian Linux.
Use journalctl to inspect logs made as journal entries.
Uncovering Malicious Activity in Linux Logs
Emulate potentially malicious activity and follow your tracks while advancing log analysis skills from the previous challenges.
The Last Challenge
Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.