Private Data in Unified Logging 10.15

It used to be so easy to toggle showing private data in the Unified Logging system. You just ran the command sudo log config - -mode “private_data:on”. And then you’d see the hidden data in the log that’s hiding behind the places where you see <private>. All this changed with macOS Catalina, now you receive an error when running that command in 10.15. This means there wasn’t a really good way to get that useful debugging information.

UNTIL NOW!

Thanks to Dan Griggs of cmdSecurity (creator of cmdReporter). He was able to figure out the necessary configuration profile using Apple’s documentation on Device Management and System Logging -https://developer.apple.com/documentation/devicemanagement/systemlogging.

To deploy this with Jamf or Airwatch or whatever your favorite MDM is, you’ll need to sign this profile, but you can always just install it locally on the machine without signing it. Because of the nature of the information that it can reveal, I would advise against permanently deploying it on any machine. I’ve tested and confirmed this works on macOS Mojave(10.14) and macOS Catalina(10.15) and according to Apple’s documentation it should work on as far back as Sierra(10.12).

These views are my own and not the views of my employer. If you have any questions or want more information on this, feel free to contact me on the MacAdmins Slack(boberito), Linkedin(linkedin.com/in/bob-gendler-8702014) or email(bobgendler@gmail.com).