Find Recently Changed Logs

Looking at the recently changed logs is a faster way to get to a stacktrace with more detail to add to the MSSI or otherwise investigate.

Linux

These commands are for Unix systems.

Find Script

You can find all the files modified within the last five minutes using the following command.

bash
find /opt/metasploit/apps/pro/engine /opt/metasploit/apps/pro/ui /opt/metasploit/apps/pro/log -type f -mmin -5 -name '*log'

Create an Alias

To avoid typing that every time you need to find logs, you can add an alias to your ~/.bashrc file.

  1. Open your .bashrc using sudo <your-text-editor> ~/.bashrc
  2. Add the following line: alias recent_mspro_logs="find /opt/metasploit/apps/pro/engine /opt/metasploit/apps/pro/ui /opt/metasploit/apps/pro/log -type f -mmin -5 -name '*log'"
  3. Save the file.
  4. Restart the terminal.

Now you should be able to use recent_mspro_logs to find any recently changed logs.

bash
/opt/metasploit/apps/pro/engine/prosvc_stdout.log
/opt/metasploit/apps/pro/engine/license.log
/opt/metasploit/apps/pro/engine/log/audit.log
/opt/metasploit/apps/pro/engine/log/production.log
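
A function variant of the alias above, added here as an example and not part of the Metasploit Pro documentation: it takes the time window as an argument, skips directories that do not exist, and lists matches newest first. The name recent_logs and its argument order are assumptions made for this example.

```sh
# Added example (not from the Metasploit Pro docs). recent_logs is a hypothetical name.
# Usage: recent_logs [minutes] [dir ...]
# The body runs in a subshell, so "exit" and the variables stay inside the function.
recent_logs() (
    mins="${1:-5}"
    [ "$#" -gt 0 ] && shift

    # Accept only a whole number of minutes before passing it to find.
    case "$mins" in
        ''|*[!0-9]*) echo "usage: recent_logs [minutes] [dir ...]" >&2; exit 2 ;;
    esac

    # With no directories given, search the three from the command above.
    [ "$#" -gt 0 ] || set -- /opt/metasploit/apps/pro/engine \
                             /opt/metasploit/apps/pro/ui \
                             /opt/metasploit/apps/pro/log

    # Keep only directories that exist so find does not fail on a partial install.
    for d in "$@"; do
        shift
        if [ -d "$d" ]; then
            set -- "$@" "$d"
        else
            echo "recent_logs: skipping missing directory: $d" >&2
        fi
    done
    [ "$#" -gt 0 ] || exit 1

    # Same filters as the alias; ls -1t prints the matches newest first.
    find "$@" -type f -mmin "-$mins" -name '*log' -exec ls -1t {} +
)
```

Placed in ~/.bashrc in place of the alias, `recent_logs 30` widens the window to the last thirty minutes.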