We need to index system logs from about 100 Macs using Splunk. I have more experience with iOS mobile device management rather than logging with Mac.
If anyone has any pointers I'll post updates here. Thanks!
Update (January 2020):
Apple has an entirely new binary database format for logging their OS. This prevents other parties (like Splunk) from reading logs, and the daily log can exceed several GB in size with 20 million log entries!
Solution: script tasks using the native utility LOG to extract the logs you need. I'm still not able to get this in a human-readable format, but slow progress is better than none I suppose.
We will only be able to use bash scripts, so if anyone has a hobby of working with bash on Mac, I'm all ears 🤗
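One way to script the `log` extraction described above, as an added example that is not from the original post: a shell script that pulls a filtered, time-bounded slice of the unified log into a plain-text file for a Splunk forwarder to monitor. The output directory, time window, `--style` choice and the predicate (which processes and subsystems to keep) are assumptions to tune for your fleet.

```shell
#!/bin/sh
# Export a filtered slice of the macOS unified log into a plain-text file that a
# Splunk forwarder can monitor.  OUT_DIR, WINDOW, STYLE and the predicate are
# assumptions to tune for your fleet.
set -eu

OUT_DIR="${OUT_DIR:-/var/log/splunk-export}"   # assumed; point a [monitor://] stanza here
WINDOW="${WINDOW:-1h}"                         # how far back `log show --last` reaches
STYLE="${STYLE:-syslog}"                       # syslog = human readable; ndjson = one JSON event per line

# Predicate restricting the export to authentication/privilege events instead of
# the whole multi-GB store.  Process and subsystem names are illustrative.
log_predicate() {
  printf '%s' 'process == "sudo" OR process == "sshd" OR process == "loginwindow" OR subsystem == "com.apple.securityd"'
}

# Print the `log show` argument list one per line, so it can be inspected
# (or tested) on a machine without log(1).
log_show_args() {
  printf '%s\n' show --last "$WINDOW" --style "$STYLE" --info --predicate "$(log_predicate)"
}

# One file per host per hour keeps Splunk's file tracking and rotation simple.
export_path() {
  host="$(uname -n)"; host="${host%%.*}"
  printf '%s/%s-%s.log' "$OUT_DIR" "$host" "$(date -u +%Y%m%dT%H00Z)"
}

# Run the export.  Writes to a temp file first so the forwarder never ingests
# a half-written file, then prints the final path.
run_export() {
  command -v log >/dev/null 2>&1 || { echo "log(1) not found; macOS only" >&2; return 1; }
  mkdir -p "$OUT_DIR"
  out="$(export_path)"
  log show --last "$WINDOW" --style "$STYLE" --info --predicate "$(log_predicate)" > "$out.tmp"
  mv "$out.tmp" "$out"
  echo "$out"
}

# Only attempt the export on macOS; elsewhere the functions are merely defined.
if [ "$(uname -s)" = Darwin ]; then run_export; fi
```

Run it from a launchd job or cron every hour with `WINDOW=1h` so each file covers exactly one interval; `STYLE=ndjson` gives Splunk one JSON event per line with `timestamp`, `subsystem` and `process` already separated.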