When Apple introduced the unified log in Sierra, one of its features was the protection of privacy. Log messages containing potentially sensitive information had that replaced by
<private>. Like so many good ideas, this had unintended consequences as many log entries only contained the dreaded
<private>. When trying to investigate some systems, notably iCloud and privacy protection itself, most meaningful content was lost.
Until the release of Catalina, there was an undocumented switch which turned this privacy protection off, an option to the
log config command. When you needed to view all those censored messages, you could turn protection off, perform your test, and the log then contained all the information you required.
Catalina 10.15 changed that. In order to bypass this privacy protection, you had to run your Mac in a special diagnostic mode intended for use exclusively by Apple engineers. For the great majority of Mac users, that made it impractical to use.
<private> was there to stay. I complained bitterly about this last November, and I’m delighted to report that Apple has relented: you can now turn privacy protection for the log off and on with ease, without even having to restart.
Once again, it is George Garside who has provided the means, following a solution developed by Rafael Prado, apparently: a simple signed profile which he has made freely available from his site. Download this, and when you need to disable privacy protection in your log entries, double-click it to install it in your Profiles. macOS will verify its signature and from that moment on, all your log entries will be free of the dreaded
This requires macOS 10.15.3 or later to work. If you still need to remove privacy from 10.15 to 10.15.2, then you’re stuck with more cumbersome solutions discussed on George Garside’s blog.
Because this is an installed profile, to revert your log to normal you must open the Profiles pane, select this profile, and click on the – tool to remove it. As soon as you do,
<private> will reappear to protect newly collected log entries, as normal.
In normal use, when privacy protection is enabled in the log, the censored information which is replaced by
<private> isn’t collected in the log at all. So removing privacy doesn’t affect log entries which were collected previously: it can’t disclose what has already happened. Similarly, enabling privacy protection again doesn’t remove private content from log entries which have already been collected, which remains until those log entries are removed during periodic housekeeping.
If you’re tempted to leave privacy protection off, you’ll find that your Mac stores fewer log entries, which stretch back for a shorter period, as the normally censored content adds significantly to log file size, and forces earlier removal of old log entries.
I recommend that, if you’re going to use George Garside’s invaluable profile, when protection is turned off, you attach a sticky note to your display to remind you to turn it on again as soon as possible.
Many thanks to George Garside for making this profile freely available, to Marc Wilson for drawing my attention to this change, and to Apple’s engineers for providing us with a good solution.