[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Is it possible to only log failed binds ?

On Thursday 11 January 2007 16:37, Pierangelo Masarati wrote:
> Andreas Taschner wrote:
> > We have a setup with a very high number of binds, so running with
> > loglevel 256 floods the log file. According to
> > http://www.openldap.org/lists/openldap-software/200205/msg00120.html John
> > Dalbec wrote a patch for this for 2.0.21, but AFAICS it was ever
> > submitted.
> > I would like to have eg. loglevel 64 to see the configuration file
> > processing and then on top of that only failed logins.
> >
> > Is the only way to accomplish that to rewrite that old patch to the
> > current level, or is there some other way to get there ?
> You should be able to use the accesslog overlay (slapo-accesslog(5))
> configured to log only binds and only in case of failure.
Is that really possible in OpenLDAP 2.3 from the man-page I only see that you 
can configure it in a way that only successful operations are 
logged "logsuccess TRUE", but "logsuccess FALSE" will log everything (failed 
and successful)
Am I overlooking something?

> In that case, 
> logs would appear in the database rather than in the log file.  The log
> database can be purged to keep it under control.
> p.