Once upon a time, we tried to pipeline logs to centralized syslog hosts. And it was never great. Then, Apple gave us unified logging and the amount of logs skyrocketed. So the cmdReporter team took a step beyond that and built some amazing tooling to flow logs off Macs and into whatever SEIM an organization needs! Today, we talk with Dan Griggs about the philosophies, some of the tactics, and the massive case statements underneath cmdReporter! OK, so just kidding about the case statements but it was a super-fun episode!