I'm trying to log Endpoint Security events to os_log. I'd be grateful if someone could confirm that using the --oslog option with eslogger actually writes event data to the system log.
If I monitor with sudo eslogger exec fork exit I see events at the command line, yet if I add the --oslog option, I don't see those events when monitoring the log with sudo log stream --predicate 'subsystem == "com.apple.eslogger"'. Nor do I see them if I filter in the Console app on just the subsystem "com.apple.eslogger".
Have I missed out something with my work? Any help appreciated. Thanks.
rayascott
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution