If you want to learn how to do log analysis properly, this probably isn’t the post for you. I recommend reading the National Cyber League Player Ambassador, WebWitch‘s post here.

If you just want to get some points in the game or learn how to understand what is contained within a log file, then this is a pretty good place to start. This one won’t have any practice challenges. It’s just a shortcut I used before I knew what a log was.

The Trick

First, use Ctrl+A to select all the contents of the log file. Copy and paste it into Excel. You think I’m kidding, but I’m not. I couldn’t read a log file to save my life, but I could filter some data in excel like no one’s business.

Next, highlight column A and click the “Data” tab. Then find this button:

This button is now your best friend. Once you click it, it will bring up a menu that looks like this:

As you can see, you have two options:

• Delimited, which will break each line into columns based on certain characters. This can be a tab, colon, or whatever character you can think of that will work
• Fixed width, which will break each line into columns at certain character counts.

Both have their uses. It’s up to you to figure out which is best for each log file.

Then, once you get your data into columns that work for you, add a row at the top to serve as a Header row. Label as many of the rows as you understand.

Then, highlight the entire spreadsheet and, under the “Data” tab in excel, click “Filter.” Now each of your column headings should have a drop down box.

Summary

Again, this is not the most efficient or effective method to solve Log Analysis. It’s simply a way to START to understand logs in a more visual way that command line may permit. For me, I was excellent in Excel and this gave me a foundation to learn Log Analysis later. Seriously, you should leave this blog post and check out the much better one written by WebWitch.