Chris C
Seeking any help/resources for macOS logging using Splunk

We need to index system logs from about 100 Macs using Splunk. I have more experience with iOS mobile device management than with logging on Mac.

If anyone has any pointers I'll post updates here. Thanks!

Update (January 2020):
Apple has an entirely new binary database format for logging in their OS. This prevents other parties (like Splunk) from reading the logs, and the daily log can exceed several GB in size with 20 million log entries!

Solution: script tasks using the native utility LOG to extract the logs you need. I'm still not able to get this in a human-readable format, but slow progress is better than none, I suppose.

We will only be able to use bash scripts, so if anyone has a hobby of working with bash on Mac, I'm all ears 🤗
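
One way to script the extraction described in the update, as an added example that is not part of the original post: each pass runs `log show` with `--style ndjson` over the window since the previous pass and appends the events, one JSON object per line, to a text file. The two file paths, the predicate and the idea of pointing a Splunk forwarder file monitor at the output file are assumptions.

```bash
#!/bin/bash
# Added example: incremental export of macOS unified logs as NDJSON.
# STATE_FILE, OUT_FILE and PREDICATE are assumptions; adjust per site.
STATE_FILE="${STATE_FILE:-/var/tmp/ulog_export.last}"  # checkpoint (hypothetical path)
OUT_FILE="${OUT_FILE:-/var/log/ulog_export.ndjson}"    # file a forwarder monitors (hypothetical path)
LOG_BIN="${LOG_BIN:-/usr/bin/log}"                     # native macOS log utility
# Constructed filter: narrow the multi-GB store to a few processes.
PREDICATE='process == "sudo" OR process == "sshd"'

export_logs() {
  local end tmp
  end="$(date '+%Y-%m-%d %H:%M:%S')"
  if [ -s "$STATE_FILE" ]; then
    # Resume from where the previous pass stopped.
    set -- --start "$(cat "$STATE_FILE")" --end "$end"
  else
    # First pass: no checkpoint yet, take the last five minutes.
    set -- --last 5m
  fi
  tmp="$(mktemp)" || return 1
  if ! "$LOG_BIN" show --style ndjson "$@" --predicate "$PREDICATE" > "$tmp"; then
    rm -f "$tmp"
    return 1   # checkpoint untouched, so the same window is retried
  fi
  # Keep only event records (JSON lines carrying an eventMessage field).
  grep '"eventMessage"' "$tmp" >> "$OUT_FILE" || true
  rm -f "$tmp"
  # Advance the checkpoint only after the events were written.
  printf '%s\n' "$end" > "$STATE_FILE"
}

# Run one export pass when called as: script.sh run
if [ "${1:-}" = "run" ]; then
  export_logs
fi
```

Scheduling the script every few minutes keeps each pass small; events that fall exactly on a window boundary can appear twice, so deduplicate at search time if that matters.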