jtmoon79 / super-speedy-syslog-searcher

Speedily search and merge log messages by datetime
MIT License

support parsing Apple System Log files (`.asl` files) #223

Open jtmoon79 opened 8 months ago

jtmoon79 commented 8 months ago

Summary

Support parsing Apple System Log files (.asl files).

Here is a short explanation of reading ASL files. The best I can find for Rust implementations is this crate oslog which AFAICT only writes to .asl files.

This Python tool asl binds to the shared available library on a Mac.

This Python tool ccl-asl parses ASL files. It failed to parse .asl files under ./logs/MacOS11/asl/. It successfully parsed ASL file ./logs/MacOS12.6/asl/2023.10.26.G80.asl.

jtmoon79 commented 3 months ago

When implemented, consider adding a comparison to ccl-asl in the README.md.