[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP logging

To: openldap-technical@openldap.org
Subject: Re: LDAP logging
From: Jorge Armando Medina <jmedina@e-compugraf.com>
Date: Mon, 25 Jan 2010 21:51:23 -0600
In-reply-to: <4B5E3978.1070800@berkeley.edu>
Openpgp: id=28E40632; url=
Organization: Computación Grafica de México
References: <4B5E3978.1070800@berkeley.edu>
User-agent: Thunderbird 2.0.0.23 (X11/20090817)

Ivan Ordonez wrote:
> Hi,
>
> I want to create logging for LDAP (version 2.4.19-r1) using syslog-ng
> on Gentoo box.
>
> Hope someone here can point me in the right direction.  I'm lost here.
>
Check my howto:
http://tuxjm.net/docs/Configurar_Servidor_Controlador_de_Dominio_con_Samba_y_OpenLDAP/Ubuntu/slapd-logs-config.html#slapd-logs-syslog-ng-config
It is for ubuntu, also used for gentoo, just change the source.
> Here is my syslog-ng conf file:
>
> @version: 3.0
> # $Header:
> /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.3.0,v
> 1.1 2009/05/25 20:07:21 mr_bones_ Exp $
> #
> # Syslog-ng default configuration file for Gentoo Linux
>
> options {
>    chain_hostnames(no);
>
>    # The default action of syslog-ng is to log a STATS line
>    # to the file every 10 minutes.  That's pretty ugly after a while.
>    # Change it to every 12 hours so you get a nice daily update of
>    # how many messages syslog-ng missed (0).
>    stats_freq(43200);
> };
>
> source src {
>    unix-stream("/dev/log" max-connections(256));
>    internal();
>    file("/proc/kmsg");
> };
>
> #options { sync(n); };
>
> destination messages { file("/var/log/messages"); };
> destination authlog { file("/var/log/auth.log"); };
> #destination syslog { file("/var/log/syslog"); };
> destination ldap { file("/var/log/ldap.log"); };
> destination cron { file("/var/log/cron.log"); };
>
> # Create Filters
> filter f_messages { level(info..warn)
>        and not facility(auth, authpriv, mail, news); };
> filter f_authpriv { facility(auth, authpriv); };
> #filter f_syslog { not facility(auth, authpriv) and not match(slapd); };
> filter f_ldap { match("regexp" value ("slapd")); };
> filter f_cron { facility(cron); };
>
>
> # By default messages are logged to tty12...
> destination console_all { file("/dev/tty12"); };
> # ...if you intend to use /dev/console for programs like xconsole
> # you can comment out the destination line above that references
> /dev/tty12
> # and uncomment the line below.
> #destination console_all { file("/dev/console"); };
>
> # Connect Filters and Destinations
> #log { source(src); destination(messages); };
> log { source(src); filter(f_messages); destination(messages); };
> log { source(src); filter(f_authpriv); destination(authlog); };
> #log { source(src); filter(f_syslog); destination(syslog); };
> log { source(src); filter(f_ldap); destination(ldap); };
> log { source(src); filter(f_cron); destination(cron); };
>
> # Default Log
> log { source(src); destination(console_all); };
>
> Thanks in advance.
>
> -Ivan
>
>
>

Attachment: signature.asc
Description: OpenPGP digital signature

References:
- LDAP logging
  - From: Ivan Ordonez <iordonez@berkeley.edu>

Prev by Date: LDAP logging
Next by Date: Re: Ppolicy, password lockout status
Index(es):
- Chronological
- Thread