OpenLDAP Quick Tips: Using syslog or syslog-ng with slapd for OpenLDAP logging



Here's my third tip in the "OpenLDAP Quick Tips" series:
"You want to enable logging via syslog or syslog-ng for your directory server":
For syslog, depending on your distro, you would edit /etc/syslog.conf or /etc/rsyslog.conf:
CODE:
# LDAP[?] logs
LOCAL4.* -/var/log/openldap.log
and then restart syslog/rsyslog:
CODE:
/etc/init.d/syslog restart
For syslog-ng, the following will work:
CODE:
source s_all { unix-stream("/dev/log"); internal(); };
destination d_ldap { file("/var/log/ldap[?].log"); };
filter f_syslog { not facility(auth, authpriv) and not
match(slapd); };
filter f_ldap { match("slapd"); };
log { source(s_all); filter(f_syslog); destination(d_syslog); };
log { source(s_all); filter(f_ldap); destination(d_ldap); };
You can also add:
CODE:
options { sync(n); };
and then restart as per your distro tools.
Thanks,
Gavin.
If you have an entry for our "OpenLDAP Quick Tips" series, why not e-mail your tip to us.
Trackbacks
howtomatrix.com on : PingBack
Show preview
The Suretec Blog on : OpenLDAP Quick Tips: Check your indices
Show preview
Hi All, Here's my 11th tip in the "OpenLDAP Quick Tips" series: "You want to make sure you have the correct indices configured for the best performance": It's easy to discover when you do not have the correct indices set by checking your ldap[?]
The Suretec Blog on : OpenLDAP Quick Tips: Auditing - who modified what at what times?
Show preview
Hi All, Here's the 16th tip in the "OpenLDAP Quick Tips" series (as requested by Bronius Motekaitis): "You want to audit OpenLDAP for changes: who modified what at what times?": Apart from normal logging via syslog there are two options for this;
Comments
Display comments as Linear | Threaded
yourmajesty on :
Thank you.
Gavin Henry on :
ghenry AT suretecsystems DOT com