emlog.pl deny or allow?

It’s a logging tool, and part of macOS. I’d let it run.

Details? Launch Terminal.app, and enter the command man emlog.pl and start reading.

Or open up that Perl script with a command-line editor such as pico or vim or emacs or with specific and necessarily text-capable GUI editors including BBEdit, and start reading.

More info around the ‘net, including at Reddit.

Apple has some limited info on the Application Firewall, as well.

Dan Grant wrote:

What does the emlog.pl script do and is it necessary for Firewall to work correctly?

Out of curiosity—

Under what instance is this deny/allow dialog popping up?

Some apps check their own integrity when they are opened without using code signing. If the firewall recognizes such an app it doesn't sign it. Instead, the "Allow or Deny" dialog appears every time the app is opened. This can be avoided by upgrading to a version of the app that is signed by its developer.

Mojave 10.14 has a new >System Preference>Security&Privacy>Privacy>Full Disk Access for ex. as well.

https://forums.developer.apple.com/thread/107546

Dan Grant wrote:

It's a blur to me now. It was during the time after Apple Genuis Bar erased my disk, reinstalled OS X, and then I booted up at home and was rebuilding all directories from Time Machine. At the time I denyed the request. How can I now "allow" it if I am not seeing the pop up anymore? Any harm in it not running?

I see no harm in not running it.

Pearl script / Log scraper

The file can be found from Finder>Go>Go To Folder, copy and paste:

 /usr/libexec/emlog.pl

It seems to simply log ssh and ftp authentication failures and part of the macOS. Used for diagnostics.

 > System Preferences > Sharing > Firewall > 🔒 > 🔓 > Firewall Options.

Having just checked here, emlog.pl is currently not permitted incoming access.