cmdReporter Wiki

Open navigation

Plaintext log file collection

Intended use

Collection and monitoring of single-line plaintext log files such as /var/log/system.log or /var/log/install.log.


A cmdReporter log event will be created for every line in the specified log file as well as any data appended after the initial collection. The ongoing logging behavior is similar to the /usr/bin/tail -f command.

the specified file does not exist cmdReporter will do nothing until that file appears. After a previously missing file appears cmdReporter will start logging the file's contents as described above.

Preference keys


Any file path is considered valid input and does not need to be present at cmdReporter startup to work as intended.

Example Event

    "_event_score": 0,
        "event_name": "PLAINTEXT_LOG_COLLECTION_EVENT",
        "time_seconds_epoch": 1607559675
        "host_name": "dan_macbook_pro",
        "host_uuid": "3F6E4B3A-9285-4E7E-9A0C-C3B62DC379DF",
        "osversion": "macOS 11.0.1 (Build 20B29)",
        "primary_mac_address": "38:f9:e8:15:5a:82",
        "serial_number": "C03XY889JHG3"
    "path": ["/private/var/log/jamf.log"],
    "texts": ["Wed Dec 09 19:21:15 dan_macbook_pro jamf[56584]: No patch policies were found."]

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.