Which of the following commands should be run if an analyst only wants to include entries in which spreadsheet was successfully downloaded?

An organization recently discovered that spreadsheet files containing sensitive financial data were improperly stored on a web server. The management team wants to find out if any of these files were downloaded by pubic users accessing the server. The results should be written to a text file and should induce the date. time, and IP address associated with any spreadsheet downloads. The web server’s log file Is named webserver log, and the report We name should be accessreport.txt.

Following is a sample of the web servefs.log file:

2017-0-12 21:01:12 GET /index.htlm – @4..102.33.7 – return=200 1622

Which of the following commands should be run if an analyst only wants to include entries in which spreadsheet was successfully downloaded?
A . more webserver.log | grep * xIs > accessreport.txt
B . more webserver.log > grep ”xIs > egrep -E ‘success’ > accessreport.txt
C . more webserver.log | grep ‘ -E ”return=200 | accessreport.txt
D . more webserver.log | grep -A *.xIs < accessreport.txt

View Answer

Answer: C

Explanation:

The grep command is a tool that searches for a pattern of characters in a file or input and prints the matching lines1 The egrep command is a variant of grep that supports extended regular expressions, which allow more complex and flexible pattern matching2 The more command is a filter that displays the contents of a file or input one screen at a time3 The pipe symbol (|) is used to redirect the output of one command to the input of another command. The redirection symbol (>) is used to redirect the output of a command to a file.

The command given in option C performs the following steps:

✑ It uses the more command to display the contents of the webserver.log file.

✑ It pipes the output of the more command to the grep command, which searches for lines that contain ‘*.xls’, which is a pattern that matches any file name ending with .xls (a spreadsheet file extension).

✑ It pipes the output of the grep command to the egrep command, which searches for lines that contain ‘return=200’, which is a pattern that matches any HTTP status code of 200 (which indicates a successful request).

✑ It redirects the output of the egrep command to a file named accessreport.txt, which contains the date, time, and IP address associated with any spreadsheet downloads.

Reference: 1 How to Use the grep Command on Linux – How-To Geek 2 egrep(1) – Linux manual page 3 more(1) – Linux manual page How To Use Pipes on Linux – How-To Geek

How To Use Redirection Operators on Linux – How-To Geek