Searching GZipped Log Files

March 18th, 2014 No comments

I have a few handy scripts for searching through log files, especially monitoring SSH login attempts. I cannot just grep through log files however, because the log files get “rolled”: compressed, and archived.

rob@kanga:/var/log $ ls -lh system.log*
-rw-r-----@ 1 root  admin   289K Mar 18 17:16 system.log
-rw-r-----  1 root  admin    79K Mar 18 00:00 system.log.0.gz
-rw-r-----  1 root  admin    39K Mar 17 00:02 system.log.1.gz
-rw-r-----  1 root  admin    36K Mar 16 00:02 system.log.2.gz
-rw-r-----  1 root  admin    35K Mar 15 00:02 system.log.3.gz
-rw-r-----  1 root  admin    25K Mar 14 00:01 system.log.4.gz
-rw-r-----  1 root  admin    69K Mar 13 00:01 system.log.5.gz
-rw-r-----  1 root  admin    68K Mar 12 00:01 system.log.6.gz
rob@kanga:/var/log $

Suppose you want to grep through your log files for SSH login activity, you can do it like this:

rob@kanga:/var/log $ { cat /private/var/log/system.log ; gunzip -c /private/var/log/system.*.gz ; } | grep sshd | wc -l
   11364
rob@kanga:/var/log $

The magic happens in the curly braces, which concatenates the standard output of all enclosed commands. Be sure to include a semicolon after the last command, right before the closing curly brace.

An even shorter example:

rob@kanga:/var/log $ { echo hello ; echo world ; } | cat -n
     1	hello
     2	world
rob@kanga:/var/log $
Categories: Utility Tags: , , , , , ,

Congressman Barber’s Response to Inquiry About DHS Alleged MRAP and Ammo Orders

April 19th, 2013 No comments

640px-Navistar_MaxxProRegarding the Department of Homeland Security’s (DHS) alleged purchases of 2,700 Mine-Resistant Ambush Protected (MRAP) vehicles and billions of rounds of ammunition, I just got off the phone with a fellow named Mike from Congressman Barber’s (D-AZ) office. Congressman Barber is on the House Armed Services Committee. I was concerned about these reported unusual purchases, and I wrote a letter in February. I asked for answers; they investigated. Here is their answer.
Read more…

Help Me Win Saddleback Leather

November 28th, 2012 No comments
The contest is over. Thanks for those who helped by clicking through to Saddleback’s homepage. -Rob

I love Saddleback Leather products, and they have a great tagline: “They’ll fight over it when you’re dead!” They’re having a Christmas giveaway with lots of loot.

Please help me out by clicking through to their homepage often for the next three weeks in December (through 19 Dec 2012). Woo hoo!

Categories: Uncategorized Tags: ,

iMovie App Runs on iPhone 3GS

August 27th, 2012 No comments

I was surprised to see that Apple’s iMovie iOS app runs on my iPhone 3GS (not jailbroken), even though Apple does not officially support it. It makes me wonder if it is just a stunt to get people to buy new iPhones.
Read more…

Categories: Uncategorized Tags: , ,

Apple IIgs Emulator

August 18th, 2011 6 comments

We all have our own bits of nostalgia when it comes to computers “back in the day.” OK, maybe you don’t, but I do. I have many fond memories of my Apple IIgs and all of its glory. I had a Woz edition with a TransWarp GS, the Hard Disk 20SC, and the good ol’ ImageWriter II. Why let the past go, when you can run old programs on your screaming fast modern hardware with an emulator? On the Mac, the best Apple IIgs emulator is Sweet16, which is still in active development (2011). It even supports printing (to the Mac’s Preview.app). Read more…

Categories: Review Tags: , ,

Writing Finder Comments from the Command Line

August 7th, 2011 2 comments

I had some old (we’re talking Apple IIGS era old) files that I wanted to keep around, and I wanted Spotlight to show them if there was a valid hit. Many of the file formats I cannot read anymore, but even a raw dump of the file could at least reveal the information I needed. What I could not find online was a way to write Spotlight-findable data from the command line. My idea was to run the strings command and embed that as a comment. I finally figured it out on my own, and it involves embedding AppleScript in a shell script via osascript. Read more…

Categories: Utility Tags: , , , ,

Run Snow Leopard in Virtual Machine to retain PowerPC Applications

July 25th, 2011 30 comments

I finally discovered how to run Mac OS X 10.6 Snow Leopard in a virtual machine after I was caught off guard that Mac OS X 10.7 Lion no longer supports Rosetta, Apple’s technology for seamlessly running PowerPC applications on Intel processors. I have enough PowerPC applications (like The Print Shop, my old copy of PhotoShop, and my scanner driver) that I was not going to upgrade to Lion on my home computer, but since I have successfully installed Snow Leopard in a virtual machine, I think I will take the plunge after all (and thanks to this Front Row hack also). Read more…

Check for PowerPC Programs Before Upgrading to Lion

July 24th, 2011 6 comments

I discovered too late that Mac OS X 10.7 Lion does not support PowerPC executables as Snow Leopard did with Rosetta. I cannot say how long that would have kept me away from Lion, but I definitely would have done some more homework before taking the plunge. If you have not already upgraded, you might want to do a check to see what you might be losing: old printer drivers, scanners, obscure utilities. I have finally lost my scanner, which required a PPC driver in an old copy of Photoshop. Run one of these scripts to generate a list of all PPC-only executables on your system. Read more…

Categories: Utility Tags: , , ,

“Ultrafast” video compression with x264

July 19th, 2011 No comments

The fastest video compression I have seen so far is using the x264 command line tool with its “ultrafast” preset. The resulting file has no audio, so it requires an extra step with QuickTime to finish the process. I recently review the compression software Elgato Turbo.264 HD Software Edition, and it was indeed faster than iTunes and QuickTime Player when converting to iPhone-compatible videos, but I noticed that x264 was faster still. Here are the steps you can take for “ultrafast” video compression.
Read more…

Categories: Utility Tags: , , , ,

Deleting Yourself with Mac Directory Services dscl . -delete

July 12th, 2011 1 comment

In case it ever crossed your mind, when you are at the command line, never type

sudo dscl . -delete /Users/rob

when you mean to type

sudo dscl . -delete /Users/proxy

It will slow down your productivity. Read more…

Categories: Utility Tags: , , , , ,