Consolation, T2M2 and log utilities

The Time Machine Mechanic (T2M2) – a quick but thorough check of Time Machine backing up

t2m262
T2M2 analyses your logs to discover whether Time Machine backups have been running normally, reporting any worrying signs or errors. You do not need to be able to read or understand logs to be able to check for problems now. Reports deep event traversals, compaction of volumes, regularity of backups, and more. Detailed Help book explains results and advises. New version changes and saves text size, and restores window size and position.
T2M2 1.7 (Sierra, High Sierra, Mojave and Catalina)

Consolation – a log browser for macOS Sierra and High Sierra

consol351
Version 3 supports a custom library of predicates, custom display styles including colour, text filtering of the message content using regex or simple filters, and support for exporting and importing custom libraries. Newly added is support for Signposts in High Sierra and Mojave, as well as their additional keys and new log format, and it nows looks gorgeous in Dark Mode. This version fixes three bugs in Catalina.
Consolation 3.4 (for Sierra, High Sierra, Mojave and Catalina).

consol2241
Consolation provides an accessible but powerful way to browse, search, and analyse entries in the new log system which have already been captured. This is not supported by Apple’s Console app. If you want to check that Time Machine backups have been made on time and without error, or get to the bottom of startup, extension, or many other problems, Consolation is the only practical tool to use. Version 2.3 improves generation of search predicates, works either with the live system log, or with saved logarchives, and can create logarchives. It also gives full access to logarchives captured from other Macs (running Sierra or High Sierra), iOS devices (10.10 and later), watchOS and tvOS with the unified log. Must be run as an admin user. Includes detailed and up-to-date 8 MB Help book with tutorials and unique reference content. Previous version, now unsupported.
Consolation 2.4 (Sierra and High Sierra only)

RouteMap and Whither – performance analysis for apps, scripts, and more

signpost44
RouteMap is opening the unified log and Mojave’s signposts for the harvesting and analysis of performance information. Whither is a simple app, supplied pre-built and in full sourcecode, which demonstrates how to access Signposts and regular log entries for harvesting and analysis. Version 1 of Whither writes conformant log entries which can already be accessed with Consolation 3 and RouteMap, which is now available in its third beta release, which has many improvements. These are bundled with Blowhole and tutorial docs in the Signpost Kit.
The Signpost Kit 2 (bundle for Sierra, High Sierra, Mojave and Catalina)
RouteMap 1.0b3 (for Sierra, High Sierra, Mojave and Catalina)

Woodpile – a new type of log browser, which explores long periods from the top down

woodpile72
Woodpile analyses records in any logarchive for the processes which write to the log most, and shows you for each selected process when they did so. This lets you examine those log files in more detail, to hone in on performance and other problems. A unique approach to the vast amounts of data stored in the new macOS log. Also shows important events like startup, creates frequency charts for custom processes, and links windows to a common time period. New beta release fixes a crashing bug which occurs rarely with certain styles.
Woodpile 1.0b6 (Sierra and High Sierra only)

RunConsolation – runs Consolation2 as root to enable log browsing when in normal user mode

RunConsolation is for those who log in as normal, rather than admin, users. It runs Consolation as root – which can be a significant security issue – but thereby enables it to obtain log messages. Caution required, but it does the job.
RunConsolation 1.1 (Sierra and High Sierra only)

MakeLogarchive – a utility for creating logarchives readable by Console from ‘live’ logs or raw log folders

mla23
This tool, in early development, copies the files and folders from /var/db or a copy of that, and places them in a logarchive format file so that they can be opened by Consolation, Console, or log. It now produces well-formed logarchive bundles, which can be used to browse pooled and individual tracev3 log files. It also catalogues the tracev3 log files in any well-formed log archive, showing start and end times for each. A new feature is statistical analysis of the log load of processes over periods of three months or more, giving new insights into those processes and user activity.
MakeLogarchive 0.5a1 (Sierra and High Sierra only)

RunT2M2 – runs T2M2 as root to enable assessment of Time Machine when in normal user mode

RunT2M2 is for those who log in as normal, rather than admin, users. It runs T2M2 as root – which can be a significant security issue – but thereby enables it to obtain and analyse log messages as needed to check Time Machine. Caution required, but it does the job.
RunT2M2 1.0 (Sierra and High Sierra only)

DispatchView – analyses the log for task dispatching issues

dispatchview11
DispatchView shows log entries for two key systems DAS and CTS whose failure can result in Time Machine backups becoming irregular or stopping altogether, and may be involved in apps or services stalling or behaving unreliably. It can save you lots of effort using Consolation. Future versions will automatically analyse the health of DAS/CTS too.
DispatchView 1.0 (Sierra and High Sierra only)

Blowhole – a command tool to write into the log in macOS Sierra and later

Blowhole is a command tool, which can be run in Terminal or called from any app or scripting language with support for calling command tools, which writes out an entry in Sierra’s new log system. Use this to check running of periodic tasks, or from any scripting language which does not have direct access to the new log. Version 8 supports Mojave’s new Signposts, working around bugs, and Pseudo-Signposts in Sierra and High Sierra, and version 9 is additionally signed, hardened, notarized and ready to install in Catalina.
Blowhole 9 (Sierra to Catalina)
Blowhole 8 (Sierra, High Sierra and Mojave)

Known Issues:

Note that Consolation 2.4 is not known to be compatible with Mojave. Please use version 3, which is huge improvement anyway.
Woodpile is incompatible with Mojave at present.

Consolation 3.3 fixes a bug in Catalina which displayed the wrong Fields Help information.

Consolation 3 and T2M2 need to be run from an admin user account to reliably obtain log extracts, certainly in Sierra and High Sierra. This is a limitation imposed in the log show command in macOS.

Support pages:

T2M2 Support
Consolation and other log utilities Support

Starting up in Catalina: sequence and waypoints in the log
Inside Catalina’s unified log: how has it changed?
Time Machine: past, present and future
Checking Time Machine in Mojave (and High Sierra) using T2M2 1.4
Browsing your log with Consolation 3, full release at last – introduction and setup
What to do when T2M2 or another log-based app returns an error
Consolation 3.4 fixes three bugs when used in Catalina
Catalina’s log can’t be unprivatised

Consolation tutorials

Capturing the moment in your log: how to identify a problem
Consolation 3: log browser of choice for macOS 10.12-10.14
Investigating Time Machine errors with T2M2 and Consolation 3
Investigating a crash using Consolation 3
macOS Unified log: 1 why, what and how
macOS Unified log: 2 content and extraction
macOS Unified log: 3 finding your way
What to do when your log returns an error
How Mojave changes the unified log
Unified but not uniform: how the log has changed
Is the unified log private, or a vulnerability?
How to browse the log on an iOS device
What’s the time, Mr Mac? How summer time confuses macOS

Signposts

Interested in performance? Updated Signpost tools now available
Quantum mechanics and Mojave – performance measurement, Signposts, and the log
Taking macOS to the end of time: nanoseconds count
Signposts for performance: 1 introduction
Signposts for performance: 2 Instruments
Updates all round to Blowhole, RouteMap, and the Signpost Kit
Working around a bug recently introduced into Mojave: When Signposts point the wrong way