Skip to content

OpenLDAP Quick Tips: Using syslog or syslog-ng with slapd for OpenLDAP logging

OpenLDAPOpen SourceSuretec Hi All,

Here's my third tip in the "OpenLDAP Quick Tips" series:

"You want to enable logging via syslog or syslog-ng for your directory server":

For syslog, depending on your distro, you would edit /etc/syslog.conf or /etc/rsyslog.conf:



CODE:
# LDAP[?] logs LOCAL4.*                                   -/var/log/openldap.log


and then restart syslog/rsyslog:

CODE:
/etc/init.d/syslog restart


For syslog-ng, the following will work:

CODE:
source s_all { unix-stream("/dev/log"); internal(); }; destination d_ldap      { file("/var/log/ldap[?].log");    }; filter f_syslog         { not facility(auth, authpriv) and not  match(slapd); }; filter f_ldap           { match("slapd");               }; log { source(s_all); filter(f_syslog); destination(d_syslog);           }; log { source(s_all); filter(f_ldap); destination(d_ldap);               };


You can also add:

CODE:
options { sync(n); };


and then restart as per your distro tools.

Thanks,

Gavin.

If you have an entry for our "OpenLDAP Quick Tips" series, why not e-mail your tip to us.

Trackbacks

howtomatrix.com on : PingBack

Show preview

The Suretec Blog on : OpenLDAP Quick Tips: Check your indices

Show preview
Hi All, Here's my 11th tip in the "OpenLDAP Quick Tips" series: "You want to make sure you have the correct indices configured for the best performance": It's easy to discover when you do not have the correct indices set by checking your ldap[?]

The Suretec Blog on : OpenLDAP Quick Tips: Auditing - who modified what at what times?

Show preview
Hi All, Here's the 16th tip in the "OpenLDAP Quick Tips" series (as requested by Bronius Motekaitis): "You want to audit OpenLDAP for changes: who modified what at what times?": Apart from normal logging via syslog there are two options for this;

Comments

Display comments as Linear | Threaded

yourmajesty on :

*Please look at the CODE sections of your tips. I can not make out what these all mean when I used Firefox on Linux (from US).

Thank you.

Gavin Henry on :

*They seem to be fine here. Can you send me a screenshot:

ghenry AT suretecsystems DOT com

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
BBCode format allowed
Pavatar, Gravatar, Favatar, MyBlogLog, Pavatar author images supported.
Form options
tweetbackcheck