By: Corey Anderson, Systems Engineer
One of the best ways to enhance your Apple deployment is by utilizing Apple’s content caching service. This service speeds up downloads of apps and software updates distributed by Apple, as well as data that users store in iCloud by saving content that local Apple devices have already downloaded. The saved content is stored in a content cache on one or more Macs, and is available for other devices to retrieve without going out over the internet.
After setting up your content machine you may wonder, “Are all my subnets and devices accessing the caching service?" By default, the caching service logs the requested software or resource, but not which IP address that made the request. Fortunately, it's easy to enable additional IP logging for the caching service. This allows you to see which subnets have accessed the service and verify that all clients have proper access to content caching. Among the list of items an admin can customize is a key called “LogClientIdentity”. Enabling this key is what turns on IP client logging for the caching service.
Step 1
To activate IP client logs for the caching service, access Terminal.app on the Mac being used as your content cache. Enter the command:
sudo -u _assetcache defaults write /Library/Preferences/com.apple.AssetCache.plist LogClientIdentity true
Enter your local admin password when asked. This will enabled Client IP address logging in the caching log file. You will want to stop and restart caching for this to take effect. To do this from Terminal on the caching Mac, enter:
sudo AssetCacheManagerUtil deactivate
sudo AssetCacheManagerUtil activate
You can now view the log file to see which IPs have access the service at this point.
log show --predicate 'subsystem == "com.apple.AssetCache"'
This command will show all data from the caching service. Look for “GET request” messages, which contain the IP address of each requesting client device. Now you can verify which subnets have accessed the service.
Step 2
Once you are done verifying all clients/subnets have access to caching, the best practice is to set the logging back to its default to prevent the log size from growing too quickly.
sudo -u _assetcache defaults write /Library/Preferences/com.apple.AssetCache.plist LogClientIdentity false
Enter your local admin password when asked. This will disable Client IP address logging in the caching log file. You will want to stop and restart caching for this to take effect. To do this from Terminal on the caching Mac, enter:
sudo AssetCacheManagerUtil deactivate
sudo AssetCacheManagerUtil activate
Visit the Advanced content caching settings on Mac support article for more information. As always, please reach out here on Community with questions, or speak to your local Apple team for further support.
Attach up to 5 files which will be available for other members to download.