Mac OS X System Logs

Posted by:  /  Tags: , , , ,

Author Name
Pasquale Stirparo, @pstirparo
Submission Title
Mac OS X System Logs
Artifact Description
Num. 1 is the main folder containing the system logs.

Num. 2 Contains Apple System Logs (asl). Filename format as YYYY.MM.DD.[UID].[GID].asl,

Num. 4 contains install date of system, as well as date of system and software updates
File Locations
1) System Log files main folder
– /var/log/*

2) Apple System Log
– /var/log/asl/*

3) Audit Log
– /var/audit/*

4) Installation log
– /var/log/install.log
Research Links
Any Other Information
These artefacts are collected under the ma4n6 project, aiming at being single point of collection for OSX artifacts from where such locations are later shared via:
– yaml library
So that the effort is made only once, and the output reused everywhere.

Leave a Reply

Your Name: (required)

Your Email: (will not be published) (required)

Your Website:

Your Message:

submit comment