According to Jamf Protect, I am supposed to set computers to keep the install.log file for 365 days. Does anyone know how you can do this, preferably in a policy or config profile so it can be done on a larger scale?

That setting is part of the CIS compliance settings. You should be looking at:

https://trusted.jamf.com/docs/establishing-compliance-baselines

and 

https://github.com/usnistgov/macos_security

for help in creating policies and profiles to set and audit these settings. Jamf Compliance Editor is a very nice front end to mSCP.

(FYI, here is the command that mSCP uses to make this change.)

    /usr/bin/sed -i '' "s/\* file \/var\/log\/install.log.*/\* file \/var\/log\/install.log format='\$\(\(Time\)\(JZ\)\) \$Host \$\(Sender\)\[\$\(PID\\)\]: \$Message' rotate=utc compress file_max=50M size_only ttl=365/g" /etc/asl/com.apple.install

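For deploying this through a policy at scale, a script that audits before it changes anything and re-audits afterwards is easier to report on than a bare sed call. The following is an added example, not code from the post or from mSCP: the function names are hypothetical, it is meant to run as root, and it assumes the install.log rule starts with `* file /var/log/install.log`, as the sed pattern above does.

```shell
#!/bin/sh
# Added example: idempotent audit + fix for install.log retention (run as root).
CONF="${CONF:-/etc/asl/com.apple.install}"   # path taken from the command above
# The rule the sed command above writes, as it should appear in the file.
RULE="* file /var/log/install.log format='\$((Time)(JZ)) \$Host \$(Sender)[\$(PID)]: \$Message' rotate=utc compress file_max=50M size_only ttl=365"

# Print the ttl value (days) on the install.log rule; prints nothing if unset.
install_log_ttl() {
    awk '$1 == "*" && $2 == "file" && $3 == "/var/log/install.log" {
        for (i = 4; i <= NF; i++)
            if ($i ~ /^ttl=[0-9]+$/) { sub(/^ttl=/, "", $i); print $i; exit }
    }' "$1"
}

# Succeeds only when a ttl is present and is at least 365 days.
is_compliant() {
    ttl=$(install_log_ttl "$1")
    [ -n "$ttl" ] && [ "$ttl" -ge 365 ]
}

# Replace the install.log rule with RULE, leaving every other line untouched.
# Writing back with cat keeps the file's existing owner and mode.
remediate() {
    tmp=$(mktemp "${TMPDIR:-/tmp}/asl_install.XXXXXX") || return 1
    awk -v rule="$RULE" '
        $1 == "*" && $2 == "file" && $3 == "/var/log/install.log" { print rule; next }
        { print }' "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Audit first, change only when needed, then re-audit to confirm the result.
enforce() {
    if is_compliant "$1"; then
        echo "compliant: ttl=$(install_log_ttl "$1")"; return 0
    fi
    if remediate "$1" && is_compliant "$1"; then
        echo "remediated: ttl=$(install_log_ttl "$1")"; return 0
    fi
    echo "failed: no install.log rule with ttl>=365 in $1" >&2
    return 1
}

# Only act when the config file exists (it does not on non-macOS hosts).
if [ -f "$CONF" ]; then enforce "$CONF"; fi
```

A non-zero exit from `enforce` means the file has no matching install.log rule to rewrite, which is worth surfacing in the policy log rather than silently passing.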