Performing macOS incident response (IR) investigations can be challenging, considering the difficulties in quickly capturing, parsing and analyzing forensic data across disparate affected systems. Recognizing this, CrowdStrike® Services created AutoMacTC, an open-source triage collector utility that helps investigators swiftly gather the relevant data, find answers and then eradicate adversaries from their environments.

https://www.crowdstrike.com/blog/automating-mac-forensic-triage/