xprocheck
« Back to VersTracker
Description:
Anti-malware scan logging tool
Type: Cask  |  Latest Version: 1.7,2025.06@0  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security macos logging malware xprotect
Install: brew install --cask xprocheck
About:
XProCheck is a command-line utility designed to parse and analyze macOS anti-malware (XProtect) scan logs. It extracts data from system protection events to help users identify potential security threats and understand system defense actions. This tool is essential for troubleshooting malware detection issues and auditing security history on Apple silicon and Intel Macs.
Key Features:
  • Parses macOS unified logging system for XProtect events
  • Generates human-readable reports from raw scan data
  • Identifies malware detection triggers and remediation actions
  • Supports filtering by date, process, and threat type
Use Cases:
  • Investigating false positive malware alerts from macOS
  • Auditing historical security events on a managed Mac
  • Troubleshooting unexplained system slowdowns caused by scans
Alternatives:
  • KnockKnock – Focuses on persistent software enumeration rather than scan log analysis
  • Console.app – Native GUI tool for log viewing, but lacks specialized XProtect filtering
Version History
Detected Version Rev Change Commit
Sep 15, 2025 1:32pm 1.7,2025.06 0 VERSION_BUMP 63aa7953
Aug 5, 2025 6:01pm 1.7,2025.06 0 VERSION_BUMP 4c5f362b
Jul 27, 2024 3:37pm 1.6,2024.07 0 VERSION_BUMP ed16f8e9
« Back to VersTracker  |  Browse Packages  |  About