[Date Prev][Date Next]
Re: recommended loglevel setting (2.0.11)?
On Tue, Jul 17, 2001 at 05:28:24PM -0500, Allan Streib wrote:
> What I'd like to see is more of a production "audit" logging functionality
> separate from the debugging.
"audit": that's a nice way of describing the difference.
> I would like a few lines in the log
> indicating connecting IP and user (SASL) information, and the queries that
> are passed to the server.
I'd like to see things like bind failures (which would indicate something
fishy happening; our implementation is for Web authentication and we
should not have connections other than the httpd and LDAP admin users). I
expect others might like options to log suspicious activity, e.g.
invalid queries, protocol failures, etc.
> Debug level 260 gets me that information, but is way too verbose. I'm
> using level 256 right now which is less verbose but I don't see the SASL
> identity details.
Even 256 is more than I care to log. Sure, I don't expect that many
connect/bind/query ops, but I'm not interested in logging
> On Tuesday, July 17, 2001, at 03:44 PM, Peter W wrote:
> > I'm trying to figure out a good setting for loglevel for OpenLDAP 2.0.11
> > for
> > production use. Ideally I'd only like to see errors and unusual events,
> > like
> > slapd starting and stopping.