Showing posts tagged #quick-tips

Return Home

List every host that attempted to connect

zgrep sshd /var/log/auth.log* | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort -u  
Command breakdown
  • zgrep sshd /var/log/auth.log*: Search for sshd in every auth.log file. Even the .gz ones.
  • grep rhost: Filter out the lines that

Read More