🎯 Goal

Create a reliable, professional-grade terminal logging system that:

  • Records everything I do during a lab

  • Preserves raw data for forensic accuracy

  • Produces a clean, readable Markdown log suitable for Obsidian and GitHub Pages

  • Requires zero manual editing after the session ends

This is about moving from β€œmessy learning” to reproducible, auditable lab work.

🧠 What I Built

By the end of the day, I designed and debugged a two-layer logging pipeline:

1️⃣ Raw Log (Source of Truth)

  • Captured using script

  • Stored as session.raw.log

  • Contains:

    • Full terminal output

    • ANSI escape codes

    • Redraw artifacts

    • Prompts, usernames, hostnames

This file is never edited. It is the equivalent of a pcap: immutable evidence.

2️⃣ Clean Log (Human-Readable)

Automatically generated as session.clean.md, with:

  • Commands rendered in bold

  • Command output rendered in italic

  • No ANSI junk

  • No usernames or hostnames

  • Chronological, faithful reconstruction of the session

This file is what I actually read, study, and publish.

πŸ› οΈ Core Features Implemented

  • startlog <lab_name>

    • Creates a timestamped lab folder

    • Starts a subshell that is fully recorded

  • stoplog

    • Ends the recording cleanly

    • Automatically runs the cleaner

    • Produces the final Markdown file

  • Automatic handling of:

    • ANSI escape sequences (CSI, OSC)

    • Backspaces and redraws

    • Carriage returns

No manual cleanup. No copy/paste. No rewriting history.

πŸ”₯ Key Breakthroughs

  • Fixed greedy regex that was silently eating command output

  • Learned how terminal control sequences actually behave

  • Understood why raw logs must stay raw

  • Built a pipeline that mirrors real-world SOC / red-team workflows

This wasn’t about Bash syntax β€” it was about thinking like an analyst.

πŸ“Œ Final Structure

lab_logs/
└── 2026-02-06_201944_fix_test/
    β”œβ”€β”€ session.raw.log    # full, untouched transcript
    └── session.clean.md  # blog-ready Markdown

βœ… Outcome

I now have a repeatable, professional lab logging system that:

  • Scales with complexity

  • Preserves evidence

  • Produces publishable material automatically

This is a foundational tool I’ll reuse for every future Linux, privilege escalation, and red-team lab.

Day 15 was about building the tooling, not just learning commands β€” and that’s a major shift.

🧠 Next step: use this pipeline for real SUID / permission labs without touching it again.