Daily Blog #680: Apple Unified Audit Logging


Hey Reader,
Today I didn't have the time I needed to get a test kitchen done, so I decided to take this opportunity to point you towards another great blog you should be reading with a different focus.

Sarah Edwards over at the Mac4n6 blog has started a series on Apple Unified Audit Logging. If you have not been diving deep in your macOS/OS X/whatever they call it now analysis by looking into the data that unified audit logs provide, you're missing out.

Many examiners look at macOS as a BSD operating system and just look at syslog, forgetting that there is a whole scaffold of another OS layered on top with its own logging. Apple's Unified Audit Logging is a moving target, as they are notoriously not backwards compatible. I mean, who else force-upgrades file systems?

So do yourself a favor and check out Sarah's blog below:

https://www.mac4n6.com/blog/2020/4/19/introducing-analysis-of-apple-unified-logs-quarantine-edition-entry-0
