Linux CLI - System Administration
You want to extract all unique IP addresses from
/var/log/syslog that appear in failed login attempts. Which command is best?You want to extract all unique IP addresses from /var/log/syslog that appear in failed login attempts. Which command is best?
hard📝 Application Q9 of 15
Step-by-Step Solution
Solution:
Step 1: Filter failed login lines
grep 'Failed password'extracts lines with failed login attempts.Step 2: Extract IP addresses
grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b'extracts IP addresses from those lines.Step 3: Get unique IPs
sort -usorts and removes duplicates, giving unique IP addresses.Final Answer:
grep 'Failed password' /var/log/syslog | grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' | sort -u -> Option DQuick Check:
Filter + extract IP + unique = grep 'Failed password' /var/log/syslog | grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' | sort -u [OK]
Quick Trick: Use grep -oE with regex to extract IPs, then sort -u [OK]
Common Mistakes:
- Using uniq without sorting
- Extracting wrong fields with cut
- Not extracting IP addresses properly
Master "System Administration" in Linux CLI
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore Linux CLI Quizzes