Apache log analysis with Sublime Text 3

TStillz
6 min read · Dec 5, 2018

Analyzing log files is generally a tedious task, especially when you are hunting for anomalies without an initial lead or indication of evil. Trying to remove all the legitimate entries while leaving the malicious ones requires not only knowledge of common attacker techniques but also a flexible tool. In this post, we’re going to cover analysis of Apache Tomcat access logs and Catalina logs using a text editor called “Sublime Text 3” (https://www.sublimetext.com/).

The Scenario

TStillz

Posting on various topics including incident response, malware analysis, development and finance/investing automation.