Jamf Nation Community

Years ago i wrote a script that did this through the api.. keep in mind all these methods do add space to your database..
https://github.com/pingidentity/CorpIT/tree/Main/JAMF%20Scripts/Diagnostic%20Logs

Granted if i was todo it again i'd upload it to s3, google drive or something else ;)

Edit: Found another version that does a bunch of checks
https://github.com/matt-taylor934/loguploader/blob/master/loguploader.sh

I found and modified a script that zips and uploads the log files to our file share where all of our techs have access. Not sure it's used much but it's another tool in the arsenal.

Here's where it came from: https://jamfnation.jamfsoftware.com/discussion.html?id=18971

Credit to @CAJensen01

@rderewianko Thanks, that Script works for me. One question, how can I modify the script to also zip the crash logs in ~/Library/Logs/DiagnosticReports/

I know this is a slightly older post, but incase anyone is looking on how to do this...

@kc9wwh Wrote a slick script that works like a charm for uploading files using the API. Check it out here:

https://github.com/kc9wwh/logCollection

@nberanger I feel like such a noob, but do you know where those collected log files go?! I run the script but no idea where to find them!

@brooke.burdick The https://github.com/kc9wwh/logCollection script uploads the collected logs to your JSS as an attachment to the Computer record for the device, and you'll find the Attachments section under the Computer's Inventory section. Be sure to delete any attachments after you download them since they do take space in your database, and the database backups made until they're deleted.

@sdagley You beat me to it ;-)

@nberanger I didn't (and still don't) see your ID as a link in the question @brooke.burdick posted, so thought the post may not have the appropriate tags embedded and you weren't going to get a notification.

Dear @sdagley I have a cloud based Jamf Pro setup will it work in that as well ?

Because when I tried I get the Script Exit Code as 0 but in the JSS Inventory under Attachments I see no Attachments. Then via Terminal logs I see the following:

Melvin@Yen ~ % sudo jamf policy -id 59

Password:

Checking for policy ID 59...

Executing Policy logCollection.sh

Running script logCollection.sh...

Script exit code: 0

Script result:   adding: private/var/log/install.log (deflated 96%)

  adding: private/var/log/install.log.0.gz (deflated 25%)

  adding: private/var/log/jamf.log (deflated 91%)

  adding: private/var/log/system.log (deflated 86%)

  adding: private/var/log/system.log.0.gz (deflated 3%)

  adding: private/var/log/system.log.1.gz (deflated 3%)

  adding: private/var/log/system.log.2.gz (deflated 1%)

  adding: private/var/log/system.log.3.gz (deflated 0%)

  adding: private/var/log/system.log.4.gz (deflated 3%)

  adding: private/var/log/system.log.5.gz (deflated 2%)

  adding: private/var/log/system.log.6.gz (deflated 2%)

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   422  100   422    0     0   1032      0 --:--:-- --:--:-- --:--:--  1036

mismatched tag at line 10, column 2, byte 404:

<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>

Please continue your visit at our <a href="/">home page</a>.

</p>

=^

</body>

</html>

at /System/Library/Perl/Extras/5.30/darwin-thread-multi-2level/XML/Parser.pm line 187.

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  5 3757k  100   422    5  191k    698   317k  0:00:11 --:--:--  0:00:11  322k

<html>

<head>

<title>Status page</title>

</head>

<body style="font-family: sans-serif;">

<p style="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">Unauthorized</p>

<p>The request requires user authentication</p>

<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>

Please continue your visit at our <a href="/">home page</a>.

</p>

</body>

</html>

Running Recon...

Retrieving inventory preferences from https://softcellprod.jamfcloud.com/...

Finding extension attributes...

Locating applications...

Locating hard drive information...

Locating accounts...

Locating package receipts...

Searching path: /System/Applications

Locating software updates...

Locating printers...

Gathering application usage information from the JamfDaemon...

Searching path: /Applications

Locating hardware information (macOS 13.4.1)...

Submitting data to https://softcellprod.jamfcloud.com/...

<computer_id>12</computer_id>

Submitting log to https://softcellprod.jamfcloud.com/

Can you please help?

Dear @sdagley I tried and I am getting the below error:

Melvin@Yen ~ % sudo jamf policy -id 59

Password:

Checking for policy ID 59...

Executing Policy logCollection.sh

Running script logCollection.sh...

Script exit code: 0

Script result:   adding: private/var/log/install.log (deflated 96%)

  adding: private/var/log/install.log.0.gz (deflated 25%)

  adding: private/var/log/jamf.log (deflated 91%)

  adding: private/var/log/system.log (deflated 86%)

  adding: private/var/log/system.log.0.gz (deflated 3%)

  adding: private/var/log/system.log.1.gz (deflated 3%)

  adding: private/var/log/system.log.2.gz (deflated 1%)

  adding: private/var/log/system.log.3.gz (deflated 0%)

  adding: private/var/log/system.log.4.gz (deflated 3%)

  adding: private/var/log/system.log.5.gz (deflated 2%)

  adding: private/var/log/system.log.6.gz (deflated 2%)

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   422  100   422    0     0   1032      0 --:--:-- --:--:-- --:--:--  1036

mismatched tag at line 10, column 2, byte 404:

<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>

Please continue your visit at our <a href="/">home page</a>.

</p>

=^

</body>

</html>

at /System/Library/Perl/Extras/5.30/darwin-thread-multi-2level/XML/Parser.pm line 187.

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  5 3757k  100   422    5  191k    698   317k  0:00:11 --:--:--  0:00:11  322k

<html>

<head>

<title>Status page</title>

</head>

<body style="font-family: sans-serif;">

<p style="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">Unauthorized</p>

<p>The request requires user authentication</p>

<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>

Please continue your visit at our <a href="/">home page</a>.

</p>

</body>

</html>

Running Recon...

Retrieving inventory preferences from https://softcellprod.jamfcloud.com/...

Finding extension attributes...

Locating applications...

Locating hard drive information...

Locating accounts...

Locating package receipts...

Searching path: /System/Applications

Locating software updates...

Locating printers...

Gathering application usage information from the JamfDaemon...

Searching path: /Applications

Locating hardware information (macOS 13.4.1)...

Submitting data to https://softcellprod.jamfcloud.com/...

<computer_id>12</computer_id>

Submitting log to https://softcellprod.jamfcloud.com/