Oneliner - Programming Languages - Count Failed login attempts in /var/log using AWK
This bash one-liner searches $logfile for $search and reports the total occurrences for each source, printing only sources with 5 or more:
search="Failed .*"; logfile="/var/log/secure"; grep "$search" "$logfile" | awk -F: '{ print $7 }' | awk '{count[$1]++} END { for( i in count ) { if ( count[i] >= 5 ){print i " Total Failed Attempts: " count[i]} }}'
Server administrators can also use this shorter alternative, which reports only the overall number of matching lines:
search="Failed .*"; logfile="/var/log/secure"; echo "Failed Login Attempts: $(grep -c "$search" "$logfile")"
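An added example (not code from the original post) that generalizes the first one-liner: `-F: '{ print $7 }'` lands on the address when the log writes it as `::ffff:a.b.c.d` but is empty for a line such as `... from 203.0.113.5 port 40001 ssh2`, so this version takes the field before `port` at the end of the line, folds the `::ffff:` prefix, and counts rsyslog's "message repeated N times" lines as N attempts. The function names, the sample lines and the `... from ADDR port N ssh2` line tail are assumptions of this example.

```shell
#!/bin/sh
# Added example: count failed sshd password attempts per source address.
# Usage: failed_by_source MIN [FILE...]   (reads stdin when no FILE is given)
failed_by_source() {
    min=$1; shift
    awk -v min="$min" '
    # Assumed line tail: "... from ADDR port N ssh2". Fields are counted from
    # the end of the line because the user name earlier in it is client-supplied.
    /Failed password/ && NF >= 5 && $(NF-2) == "port" && $(NF-4) == "from" {
        ip = $(NF-3)
        sub(/^::ffff:/, "", ip)          # fold IPv4-mapped form into plain IPv4
        n = 1
        # rsyslog-style "message repeated N times: [ ... ]" stands for N attempts
        if (match($0, /message repeated [0-9]+ times/))
            n = substr($0, RSTART + 17, RLENGTH - 23) + 0
        count[ip] += n
    }
    END { for (ip in count) if (count[ip] >= min) print count[ip], ip }
    ' "$@" | sort -k1,1nr -k2,2
}

# Constructed sample lines (documentation address ranges), not real log data.
# The fourth line has a user name that itself contains "from ADDR port N".
sample_log() {
    cat <<'EOF'
Jan 10 10:00:01 host sshd[1201]: Failed password for root from 203.0.113.5 port 40001 ssh2
Jan 10 10:00:03 host sshd[1201]: message repeated 2 times: [ Failed password for root from 203.0.113.5 port 40001 ssh2]
Jan 10 10:00:05 host sshd[1202]: Failed password for invalid user admin from ::ffff:198.51.100.7 port 40002 ssh2
Jan 10 10:00:06 host sshd[1203]: Failed password for invalid user x from 192.0.2.9 port 1 from 198.51.100.7 port 40003 ssh2
Jan 10 10:00:08 host sshd[1204]: Accepted password for alice from 192.0.2.44 port 40004 ssh2
Jan 10 10:00:09 host sshd[1205]: Failed password for root from 192.0.2.9 port 40005 ssh2
EOF
}

# Demo: sources with at least 2 failed attempts, highest count first.
sample_log | failed_by_source 2
```

Against a real file the call is `failed_by_source 5 /var/log/secure`, which matches the threshold used in the one-liner above.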