*I believe that about 10.8 things changed and configuration for syslog is done in the /etc/asl.conf directory.
• First off you need to navigate to the /etc/syslog.conf file. Do a "more" on the file and have a look at what's going on. Here is what mine looks like:
*.err;kern.*;auth.notice;authpriv,remoteauth,install.none;mail.crit /dev/console
*.notice;authpriv,remoteauth,ftp,install.none;kern.debug;mail.crit /var/log/system.log
# Send messages normally sent to the console also to the serial port.
# To stop messages from being sent out the serial port, comment out this line.
#*.err;kern.*;auth.notice;authpriv,remoteauth.none;mail.crit /dev/tty.serial
# The authpriv log file should be restricted access; these
# messages shouldn't go to terminals or publically-readable
# files.
auth.info;authpriv.*;remoteauth.crit /var/log/secure.log
lpr.info /var/log/lpr.log
mail.* /var/log/mail.log
ftp.* /var/log/ftp.log
install.* /var/log/install.log
install.* @127.0.0.1:32376
local0.* /var/log/airport.log
local1.* /var/log/ipfw.log
local2.* /var/log/airport.log
local3.* /var/log/airport.log
local4.* /var/log/airport.log
local5.* /var/log/airport.log
local6.* /var/log/airport.log
local7.* /var/log/router.log
*.emerg *
Link to the documentation on this:
https://docs.meraki.com/display/MR/Syslog