Mac OS Log Analysis (2)

• System Log Folder: /var/log
• System Log: /var/log/system.log
• Mac Analytics Data: /var/log/DiagnosticMessages
• System Application Logs: /Library/Logs
• System Reports: /Library/Logs/DiagnosticReports
• User Application Logs: ~/Library/Logs (in other words, /Users/NAME/Library/Logs)
• User Reports: ~/Library/Logs/DiagnosticReports (in other words, /Users/NAME/Library/Logs/DiagnosticReports)

Mac OS Log Analysis (1)

Recently, my Mac laptop's (Majove, MacBook Pro (15-inch, 2017)) Safari failed to open. I searched around and could not find a solution. Even our company's helpdesk could not find a solution. Then I am curious to examine the log and try to figure it why the Safari launch failure happened.

Right now, the Safari still does not work. I solely use Chrome for web browsing.

Meanwhile, I am doing some research on cyber security. There are many works on examining on Windows or Linux logs and not so many focuses on the MacOS.

I examined the OSX Collecto (https://github.com/Yelp/osxcollector/blob/master/osxcollector/osxcollector.py) and feel that is not what I want. I begin to write some tools to analyze MacOS logs.

There is another post on this topic too. http://macadmins.psu.edu/wp-content/uploads/sites/24696/2016/06/psumac2016-19-osxlogs_macadmins_2016.pdf

Here I am summarizing those analysis step by step. I wish those will help our readers.