Grep Command
The grep command is a useful command-line tool in Linux that returns the lines of a file that match a given string. The command
grep "string" /var/log/auth.log
will return every line of auth.log that contains the string; both of these values can be replaced as needed (for example,
grep "session opened" /var/log/auth.log
will return the session opened events from the auth.log). The quotation marks must be plain straight quotes ("), not the curly quotes that word processors and web pages often substitute, or the shell will treat them as part of the search string.
To make the process faster, it is recommended that the user first enter the command
cd /var/log
Doing so removes the need to include the file path in the command, allowing for a command such as
grep "string" auth.log
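The session opened search above, extended into a small script that counts the matching lines with grep -c and tallies the events per user. This is an added example, not part of the original article; the log lines are constructed samples, and the function names and temporary file path are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample lines in the usual auth.log layout (not real log data).
make_sample_log() {
    cat > "$1" <<'EOF'
Jan 10 09:15:02 host1 sshd[1201]: pam_unix(sshd:session): session opened for user alice by (uid=0)
Jan 10 09:16:40 host1 sshd[1215]: Failed password for invalid user admin from 192.0.2.10 port 51122 ssh2
Jan 10 09:20:11 host1 sudo: pam_unix(sudo:session): session opened for user root by alice(uid=1000)
Jan 10 09:20:12 host1 sudo: pam_unix(sudo:session): session closed for user root
Jan 10 10:02:33 host1 sshd[1302]: pam_unix(sshd:session): session opened for user bob by (uid=0)
Jan 10 10:45:00 host1 sshd[1201]: pam_unix(sshd:session): session closed for user alice
Jan 10 11:05:09 host1 sshd[1410]: pam_unix(sshd:session): session opened for user alice by (uid=0)
EOF
}

# Count the lines that contain a fixed string.
# -F matches the pattern literally (no regex), -c prints the match count.
count_matches() {
    grep -F -c -- "$1" "$2" || true   # grep exits 1 on zero matches; still prints 0
}

# Print "user=count" for every user that has a "session opened" event.
sessions_per_user() {
    grep -F -- "session opened for user" "$1" |
        sed 's/.*session opened for user \([^ (]*\).*/\1/' |
        sort | uniq -c | awk '{print $2 "=" $1}'
}

# Stand-alone run against the constructed sample (hypothetical temp path).
LOG="${TMPDIR:-/tmp}/auth_sample.$$.log"
make_sample_log "$LOG"
echo "session opened events: $(count_matches 'session opened' "$LOG")"
sessions_per_user "$LOG"
rm -f "$LOG"
```

On a real system, pass /var/log/auth.log to the two functions instead of the sample file; reading that file usually requires root or membership in the adm group.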