Wednesday, March 18, 2009

Using syslog or syslog-ng with slapd for OpenLDAP logging

OpenLDAP Quick Tips: Using syslog or syslog-ng with slapd for OpenLDAP logging

Friday, November 14. 2008

Open Source OpenLDAP Suretec
Hi All,

Here's my third tip in the "OpenLDAP Quick Tips" series:

"You want to enable logging via syslog or syslog-ng for your directory server":

For syslog, depending on your distro, you would edit /etc/syslog.conf or /etc/rsyslog.conf:



CODE:
# LDAP logs
LOCAL4.*    -/var/log/openldap.log


and then restart syslog/rsyslog:

CODE:
/etc/init.d/syslog restart
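
A quick check for the syslog.conf step above, as an added example that is not from the original post: `local4_dest` lists the log files that uncommented rules send the LOCAL4 facility to (so a rule left on a comment line shows up as missing), and `check_delivery` sends a test message with `logger` and looks for it in that file. The function names, the marker string and the `slapd` tag on the test message are choices made for this example.

```shell
#!/bin/sh
# Added example: confirm syslog.conf / rsyslog.conf has an ACTIVE local4 rule.

# Print every log file that an uncommented rule routes facility local4 to.
# Selectors are read left to right, so "*.info;local4.none" excludes local4.
local4_dest() {
    awk '
        /^[ \t]*#/ || NF < 2 { next }            # comments, blanks, non-rules
        {
            hit = 0
            n = split(tolower($1), sel, ";")      # e.g. "*.info;local4.none"
            for (i = 1; i <= n; i++) {
                split(sel[i], p, "[.]")           # p[1]=facilities p[2]=priority
                m = split(p[1], fac, ",")
                for (j = 1; j <= m; j++)
                    if (fac[j] == "local4" || fac[j] == "*")
                        hit = (p[2] != "none")
            }
            dest = $2
            if (hit && dest ~ /^-?\//) {          # file targets only
                sub(/^-/, "", dest)               # "-" prefix = no sync per write
                print dest
            }
        }
    ' "$1"
}

# Send one tagged message at local4.info and check that it reached the file.
# Needs a running syslog daemon and read access to the log file.
check_delivery() {
    marker="slapd-logtest-$$-$(date +%s)"         # constructed, unique per run
    logger -p local4.info -t slapd "$marker"
    sleep 1
    grep -q "$marker" "$1"
}

# Usage: sh check.sh /etc/syslog.conf
if [ "$#" -gt 0 ]; then
    for f in $(local4_dest "$1"); do
        if check_delivery "$f"; then echo "OK   $f"; else echo "FAIL $f"; fi
    done
fi
```

No output from the script means no active rule covers LOCAL4 in the file you passed.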


For syslog-ng, the following will work:

CODE:
source s_all { unix-stream("/dev/log"); internal(); };
destination d_ldap { file("/var/log/ldap.log"); };
filter f_syslog { not facility(auth, authpriv) and not match("slapd"); };
filter f_ldap { match("slapd"); };
# d_syslog is assumed to be defined already elsewhere in your syslog-ng.conf
log { source(s_all); filter(f_syslog); destination(d_syslog); };
log { source(s_all); filter(f_ldap); destination(d_ldap); };


You can also add:

CODE:
# n = number of lines buffered before they are written to the file
options { sync(n); };


and then restart as per your distro tools.

Thanks,

Gavin.
