Below are selected solutions for the Chapter 8 workshop questions from Cybersecurity Ops with bash.

Question 4

Modify wintail.sh to allow the user to specify the Windows log to be monitored by passing in a command-line argument.

Answer

The first line of code in wintail.sh identifies the Application log as the one that will be monitored.

The first line can be replace with the following:

This will use the value of the first argument passed to the script as the log to monitor. If no argument is provided it will default to Application.