Auditing privilege elevation with log files

Jamf Connect documentation


Self Service+ records every elevation event in the macOS unified log under the category PrivilegeElevation. Enabling the user promotion reason (UserPromotionReason) setting additionally creates an ElevationReasons log in the Self Service+ log directory, which records the user who requested elevation, the reason they gave, and the timestamp of the elevation request.

Requirements

A Self Service+ configuration with privilege elevation enabled.

Administrators can collect privilege elevation logs locally with the log binary on macOS. The following example commands stream all Self Service+ privilege elevation log messages directly to a Terminal window. Note that log stream shows only events as they occur; to retrieve events already in the log store, run log show with the same --predicate and a time window such as --last 1d:

log stream --style compact --predicate '(subsystem == "com.jamf.connect.daemon.ssp") && (category == "PrivilegeElevation")'

log stream --style compact --predicate '(subsystem == "com.jamf.connect") && (category == "PrivilegeElevation")'

Administrators can also use Jamf Protect's unified log filters to collect logs from Jamf Connect privilege elevation events automatically and forward them from the computer directly to a configured SIEM integration. For the available unified log filters to add to Jamf Protect, see jamf/jamfprotect (GitHub). SIEM administrators can parse the privilege elevation logs forwarded by Jamf Protect by searching for the following messages:

Checking for existing elevation timers for [user]
Failed to check elevation time remaining because no user elevation previously occurred.
No running elevation timers for [user]
User elevation time remaining: [duration in minutes:seconds]
[user] has reached their maximum amount of elevations for this month
Request Admin Privileges menu item selected
Privilege Elevation limit has been set
No promotion roles or groups found
Elevation blocked by group - user's roles are not listed in UserPromotionRole
Elevation duration specified by group lookup [duration in minutes] minutes
Elevation blocked by group lookup - default elevation time of 0
[user] elevated to admin for stated reason: [reason]
User [user] elevated to admin for [duration in minutes] minutes
Added user [user] to admin group.
[user]'s elevations this month: [no. of monthly elevations]
Removed user [user] from admin group
User [user] has been demoted back to standard macOS user
[user] has reached their maximum amount of elevations for this month.

If a user attempts to enable privilege elevation by modifying the preferences in their home Library, the system log indicates this with a message similar to the following:

2024-03-07 09:38:01.529 E JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] Privilege elevation requested but not enabled at the device level. A user has likely attempted to enable elevation without admin knowledge

The Self Service+ launch daemon ignores user-level preferences and prevents unintended elevation.
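The following parser is an added example for the SIEM parsing described above and for detecting the device-level tamper message; it is not Jamf's code and not part of this page's original content. It assumes the compact-style unified log line layout shown in the sample above ("<timestamp> <level> <process>[pid:tid] [<subsystem>:<category>] <message>") and the message templates listed in this document; the log lines embedded in SAMPLE_LOG are constructed for illustration. It turns each PrivilegeElevation message into a structured event, then summarizes per-user elevations, users still in the admin group without a matching removal, users who hit their monthly limit, and tamper attempts.

```python
"""Parse Self Service+ privilege-elevation messages from macOS unified-log output.

Added example, not Jamf's code. Assumes compact-style log lines as shown on this
page and the message templates listed there. SAMPLE_LOG is constructed test data.
"""
import re
from dataclasses import dataclass, field
from datetime import datetime
from typing import Optional

# One compact-style line: "<ts> <level> <process>[pid:tid] [<subsystem>:<category>] <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"(?P<level>\S+) (?P<proc>\S+) "
    r"\[(?P<subsystem>[^:\]]+):(?P<category>[^\]]+)\] (?P<msg>.*)$"
)

# (event kind, regex) per message template from the document. Named groups become event fields.
MESSAGE_PATTERNS = [
    ("elevated_with_reason", re.compile(r"^(?P<user>\S+) elevated to admin for stated reason: (?P<reason>.+)$")),
    ("elevated", re.compile(r"^User (?P<user>\S+) elevated to admin for (?P<minutes>\d+(?:\.\d+)?) minutes$")),
    ("added_to_admin", re.compile(r"^Added user (?P<user>\S+) to admin group\.?$")),
    ("removed_from_admin", re.compile(r"^Removed user (?P<user>\S+) from admin group\.?$")),
    ("demoted", re.compile(r"^User (?P<user>\S+) has been demoted back to standard macOS user$")),
    ("monthly_count", re.compile(r"^(?P<user>\S+)'s elevations this month: (?P<count>\d+)$")),
    ("limit_reached", re.compile(r"^(?P<user>\S+) has reached their maximum amount of elevations for this month\.?$")),
    ("blocked_by_role", re.compile(r"^Elevation blocked by group - user's roles are not listed in UserPromotionRole$")),
    ("blocked_zero_duration", re.compile(r"^Elevation blocked by group lookup - default elevation time of 0$")),
    # Device-level setting absent but a request arrived: likely a user-level preference edit.
    ("tamper_attempt", re.compile(r"^Privilege elevation requested but not enabled at the device level\b")),
]


@dataclass
class ElevationEvent:
    ts: datetime
    kind: str
    user: Optional[str]
    fields: dict = field(default_factory=dict)
    raw: str = ""


def classify(msg: str):
    """Map a message to (kind, user, extra fields); unknown messages keep kind 'other'."""
    for kind, pat in MESSAGE_PATTERNS:
        m = pat.match(msg)
        if m:
            extra = m.groupdict()
            return kind, extra.pop("user", None), extra
    return "other", None, {}


def parse_unified_log(text: str, category: str = "PrivilegeElevation") -> list:
    """Return structured events for every line in the given category; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["category"] != category:
            continue
        kind, user, extra = classify(m["msg"])
        events.append(ElevationEvent(
            ts=datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S.%f"),
            kind=kind, user=user, fields=extra, raw=m["msg"]))
    return events


def summarize(events: list) -> dict:
    """Per-user elevation counts, users still in admin, monthly-limit hits and tamper attempts."""
    elevations, in_admin, limit_reached, tamper = {}, set(), [], 0
    for e in events:
        if e.kind == "elevated":
            elevations[e.user] = elevations.get(e.user, 0) + 1
        elif e.kind == "added_to_admin":
            in_admin.add(e.user)
        elif e.kind in ("removed_from_admin", "demoted"):
            in_admin.discard(e.user)  # a demotion without removal is still a removal
        elif e.kind == "limit_reached":
            limit_reached.append(e.user)
        elif e.kind == "tamper_attempt":
            tamper += 1
    return {"elevations": elevations, "still_elevated": sorted(in_admin),
            "limit_reached": limit_reached, "tamper_attempts": tamper}


# Constructed sample output modelled on the page's own log line; not a real capture.
SAMPLE_LOG = """
2024-03-07 09:35:10.001 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] Request Admin Privileges menu item selected
2024-03-07 09:35:12.120 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] jdoe elevated to admin for stated reason: Install printer driver
2024-03-07 09:35:12.125 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] User jdoe elevated to admin for 10 minutes
2024-03-07 09:35:12.130 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] Added user jdoe to admin group.
2024-03-07 09:35:12.131 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] jdoe's elevations this month: 3
2024-03-07 09:38:01.529 E JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] Privilege elevation requested but not enabled at the device level. A user has likely attempted to enable elevation without admin knowledge
2024-03-07 09:45:12.200 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] Removed user jdoe from admin group
2024-03-07 09:45:12.201 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] User jdoe has been demoted back to standard macOS user
2024-03-07 10:02:00.000 I JCDaemon[246:21ee] [com.jamf.connect.daemon:Login] Unrelated message in another category
2024-03-07 10:05:00.000 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] asmith has reached their maximum amount of elevations for this month
2024-03-07 10:10:00.000 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] User bwong elevated to admin for 15 minutes
2024-03-07 10:10:00.005 I JCDaemon[246:21ee] [com.jamf.connect.daemon:PrivilegeElevation] Added user bwong to admin group.
"""

if __name__ == "__main__":
    for ev in parse_unified_log(SAMPLE_LOG):
        print(ev.ts.isoformat(), ev.kind, ev.user, ev.fields)
    print(summarize(parse_unified_log(SAMPLE_LOG)))
```

On a Mac the input would come from the same predicate used above, for example the output of log show --last 1d --style compact --predicate '(subsystem == "com.jamf.connect") && (category == "PrivilegeElevation")' piped into parse_unified_log. A non-empty still_elevated list is worth alerting on: it means an "Added user ... to admin group" message has no later removal or demotion in the window you collected.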

Note:

Jamf recommends deploying privilege elevation only to users whose holding administrator privileges would not expose your organization to risk.

With access to the privilege elevation log information, you can now identify every elevation that has occurred in your organization.