Hey Apple, WTH Happened to secure.log in Mountain Lion??

Since I cannot post more than ONE LINK in Stack to this question, I present my research here. Please give me the 10 rep points so I do not have to do this again. Here’s my stack answer with multiple links:

Thanks to user @ben_fry on twitter, we have an answer. In short, secure.log auth events have been rolled into asl (syslog). Ben Fry’s discussion is here:

and the relevant Apple Support post is here:

Also, if you’re using denyhosts they’ve come up with a regex pattern match against asl as well:

(referring link:

Note that I have not changed over my denyhosts to use asl so I do not know if this works.. but according to the folks on twitter it does.

Hope this helps.


Have fun. I know I will when I reconfig the Mini in a couple weeks. So Uncle Leo, what were you using secure.log for?

  1. I had denyhosts slapping BRIC kids off my server. I really like denyhosts.
  2. I also had some script glue going that would Growl to Prowl to make my iPhone go DING when denyhosts was doing the slapping.

Nice to know that I can get this stuff going again. But to my Apple friends: how about some notes SOMEWHERE about what you’re going to deprecate? Please? Pretty please?