Unified Logs: How to Enable Private Data

With each release of macOS, more and more logs are migrated to the new database style which means that data is subject to Apple’s privacy controls. By modifying some settings, however, IT can convert the logs into highly relevant content to fuel its processes and management workflows.

May 20 2021 by

Dan Griggs

Group of hands coming together to support a small plant.

The importance of Unified Logs

With each release of macOS, more and more logs are migrated to the new database style which means that information is subject to Apple’s strict privacy controls. With default settings, unified logs border on unusable for risk management purposes.

Up until very recently, it was not easy to reveal data Apple marks as private at scale.

What is in the fields of unified logs?

The data that is marked private in unified logs is typically the details about an action that could identify the user or computer.

In most cases, enterprise software running on company-owned Mac computers does not share the same privacy concerns. In fact, MDM tools, like Jamf Pro, have access to far more information about a user and computer than unified log private data would provide.

With that in mind, unified logs private data is only private in the context of a personal-owned computer and not a company-owned machine used for work. I strongly agree with Apple’s default log privacy settings to help protect Mac security on personal-use computers from unscrupulous data collection practices that seek to compromise personally identifiable information (PII).

Example log data

NOTE: Before deploying the profile

You will need to sign the profile before uploading to MDM tools like Jamf, as many of them do not currently support this profile key. If you upload an unsigned profile, the process may change the profile in a way that breaks the private data settings. The certificate that signs the configuration profiles may be potentially visible to users, allowing them to see the name of the certificate that signed the profile.

How to sign a configuration profile

Profile to enable (reveal) private data

Dive deeper into Mac endpoint health with Jamf Protect

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.