major/grep.txt

## grep.txt
$ grep audispd syslog | grep -oP "key=\"\K(\S+)\"" | sed 's/\"//' | sort | uniq -c | sort -rn
 307204 perm_mod-V-38552
  46487 perm_mod-V-38554
   5874 export-V-38568
   4527 perm_mod-V-38545
   2829 perm_mod-V-38557
   2429 perm_mod-V-38558
    332 audit_account_changes-V-38531
    288 perm_modV-38558
    276 MAC-policy-V-38541
    243 audit_time_rules-V-38525
    182 audit_time_rules-V-38522
    104 audit_network_modifications-V-38540
     20 perm_mod-V-38565
     10 modules-V-38580
      8 perm_mod-V-38561
      8 perm_mod-V-38556
      6 perm_mod-V-38559
      4 audit_time_rules-V-38635
      4 audit_time_rules-V-38527
      2 perm_modV-38559
      2 audit_time_rules-V-38530
      2 actions-V-38578
	$ grep audispd syslog \| grep -oP "key=\"\K(\S+)\"" \| sed 's/\"//' \| sort \| uniq -c \| sort -rn
	307204 perm_mod-V-38552
	46487 perm_mod-V-38554
	5874 export-V-38568
	4527 perm_mod-V-38545
	2829 perm_mod-V-38557
	2429 perm_mod-V-38558
	332 audit_account_changes-V-38531
	288 perm_modV-38558
	276 MAC-policy-V-38541
	243 audit_time_rules-V-38525
	182 audit_time_rules-V-38522
	104 audit_network_modifications-V-38540
	20 perm_mod-V-38565
	10 modules-V-38580
	8 perm_mod-V-38561
	8 perm_mod-V-38556
	6 perm_mod-V-38559
	4 audit_time_rules-V-38635
	4 audit_time_rules-V-38527
	2 perm_modV-38559
	2 audit_time_rules-V-38530
	2 actions-V-38578