Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

[Fed-Talk] Apple's new unified logging system

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fed-Talk] Apple's new unified logging system

Subject: [Fed-Talk] Apple's new unified logging system
From: Todd Heberlein <email@hidden>
Date: Mon, 19 Mar 2018 10:36:25 -0700

Hi all,

I have not been active in Mac log/audit analysis for a little while, but I
found this article interesting and potentially relevant to many here. It is
about a fairly substantial change to the Mac logging infrastructure that
started with macOS Sierra 10.12.

macOS Unified log: 1 why, what and how
https://eclecticlight.co/2018/03/19/macos-unified-log-1-why-what-and-how/
<https://eclecticlight.co/2018/03/19/macos-unified-log-1-why-what-and-how/>


When I asked if BSM was part of this unified log management, I received the
following replies:

Sarah Edwards  (@iamevltwin): BSM still exists, its separate though.

Howard Oakley (@howardnoakley): The unified log has no particular provision for
audit. Indeed it makes log audit all but impossible! See coming parts in series…

Todd

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Prev by Date: [Fed-Talk] Collaboration Opportunities
Previous by thread: [Fed-Talk] Collaboration Opportunities
Index(es):
- Date
- Thread