
Re: Syslog and OpenLDAP

You haven't specified your distribution, which makes it impossible for anyone 
to succinctly answer your question.

However, I'll pretend you said you are running Red Hat Enterprise Linux ES 
version 3 with OpenLDAP 2.1.25 packages from Jehan Procaccia.  If not, perhaps 
this will help someone else.

First, you'll need to edit the file /etc/rc.d/init.d/ldap to remove the "-l 
daemon" switches from the two places where slapd is invoked.  This is a dumb 
Red Hat modification that makes slapd log as "daemon" instead of "local4" like 
it ought to.

Second, you'll need to add a line to /etc/syslog.conf that sends the ldap log 
output to a separate file; something like:

local4.*                     /var/log/ldap

Note that the white space above can include spaces and/or tabs; Red Hat is 
shipping a reasonably up-to-date syslog unlike many other *nix variants (bad 
cess to ye, HP-UX!).

Third, you will probably want to add the new log file to your logrotate 
scheduling.  Do this by editing the file /etc/logrotate.d/syslog to add the new 
log file you've created to the list of files logrotate manages for syslog.

OK, you are basically done.  Now modify your /etc/openldap/slapd.conf file to 
set the loglevel of your desire; the bit settings are documented in the 
slapd.conf manpage.

Also worth noting - high log levels impact performance so fiercely that many 
ldap clients will time out if the server is doing heavy logging.  Use high log 
levels only during debugging episodes and turn it off again when you are done.


PS: Sorry about the subject line mangling; your confirmation-driven email 
authentication request came as something of a surprise.


On 31 Mar 2004 at 15:16, Chris Majewski wrote:
> How do I get syslog to log slapd stuff? Manpages ain't 
> helping here. 
> In  particular,  what should  FOO be for the following 
> line to do something useful in /etc/syslog.conf on 
> a Linux box:
> FOO.* /var/log/slapd
> -chris
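
A check for the three file edits described in the reply above, as an added example that is not part of the original message. The function name and the choice to pass file paths as arguments are assumptions made here; the "-l daemon" switch, the local4 facility and the file locations are the ones named in the message.

```shell
#!/bin/sh
# Added example: audit the init script, syslog.conf and logrotate edits.
# Paths are arguments so the check can be run against copies of the files.
# Prints one line per finding and returns the number of problems found.
check_slapd_logging() {
    init_script=$1 syslog_conf=$2 logrotate_conf=$3 logfile=$4
    problems=0

    # Step 1: no active line may still start slapd with "-l daemon".
    if grep -v '^[[:space:]]*#' "$init_script" |
        grep -Eq -- '(^|[[:space:]])-l[[:space:]]+daemon'; then
        echo "FAIL: $init_script still passes '-l daemon' to slapd"
        problems=$((problems + 1))
    fi

    # Step 2: an uncommented local4 selector must point at the log file.
    # A leading "-" on the file name (no sync after each write) is accepted.
    if ! awk -v f="$logfile" '
            $1 ~ /^local4\./ && ($2 == f || $2 == "-" f) { found = 1 }
            END { exit !found }' "$syslog_conf"; then
        echo "FAIL: $syslog_conf has no active local4 rule for $logfile"
        problems=$((problems + 1))
    fi

    # Step 3: the log file must be in the list logrotate manages.
    if ! awk -v f="$logfile" '
            /^[[:space:]]*#/ { next }
            { for (i = 1; i <= NF; i++) if ($i == f) found = 1 }
            END { exit !found }' "$logrotate_conf"; then
        echo "FAIL: $logrotate_conf does not rotate $logfile"
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ] && echo "OK: slapd logging is set up for $logfile"
    return "$problems"
}

# Run directly when given the four arguments, for example:
#   sh check.sh /etc/rc.d/init.d/ldap /etc/syslog.conf \
#       /etc/logrotate.d/syslog /var/log/ldap
if [ "$#" -eq 4 ]; then
    check_slapd_logging "$@"
fi
```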