Ask questions. Get answers. Find technical product solutions from passionate experts in the NXLog community.

How to figure out what event types to filter in im_maculs
I've been tasked to roll out nxlog on all of our Macs. I have it working in the sense that logs are being uploaded to our syslog server. However I've been given a list from https://www.iansresearch.com/resources/all-blogs/post/security-blog/2021/04/29/best-practices-for-macos-logging-monitoring and told to implement it. How the heck do I find out what eventtypes to filter so that I can capture the list of logs that is on this webpage. And is this list even the right one to follow? It mentions using Consolation 3, but I have no idea how that's supposed to help me figure this out. What is your goto source for this type of info?

mthoma created
Replies: 1
View post »
last updated