Im trying to track down an abuse script that is sending a lot of outgoing traffic. I know for a fact that it is through phpbb, but I want to track down the specific user. If I knew the file they were using to excute, how can I locate it in the domlogs, without going in each of them one by one?
