Exporting Unified Logs from a FFS extraction to view in a Mac

Greetings everybody,

I have some information which I thought would be helpful on processing Apple Unified logs, if your main PC is Windows, but have access to a Mac.  This has helped us in several cases when we want to determine what is going on with an iPhone, and is super granular.  There are some tools which do this for you, but this is way faster.  Additionally, these are very volatile logs, and usually don't have more than the most recent couple of months worth of data.

Some things we have found

Evidence of images taken, and deleted, which no longer existed in photos.sqlite

Airdrop information

Logs on applications being uninstalled

Usage of Apps which are no longer present

and other items.

Anyhow, enjoy