[Date Prev][Date Next] [Chronological] [Thread] [Top]

access accesslog: how do I search for modifications under a subtree?

To: openldap-software@openldap.org
Subject: access accesslog: how do I search for modifications under a subtree?
From: Zhang Weiwu <zhangweiwu@realss.com>
Date: Mon, 13 Aug 2007 08:57:05 +0800

Dear everyone

I use accesslog and is pretty fond of it. Recently I need to look up
several deleted entries, who deleted them and when, who modified these
entries before deletion. And I found it not easy.

All the clue I have is the deleted entries, before they are deleted, are
in certain subtree. I first thought I can do a search like this:
ldapsearch ...(accesslog db)... '(reqDn=*uid=dep1,ou=contacts,dc=example,dc=com)'

Where 'uid=dep1,ou=contacts,dc=example,dc=com' is the parent node of the
node that was deleted.

This doesn't work (always return no result). I guess one reason is
wildcard search is not allowed in reqDn for certain reason.

The second idea is to dump while accesslog database and do some grepping
and awking around it. But that way the whole means of using ldap
database for accesslog is lost. The reason of using ldapdatabase for
accesslog, rather than a plain text file, is to be able to search for
modification records without having to do grepping and awking
(especially grepping might be diffcult because the dn might been base64
encoded in ldif dumped from database)

So again can someone with experience show what you would do in this
case? 

Thanks a lot!

Follow-Ups:
- Re: access accesslog: how do I search for modifications under a subtree?
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: High availability
Next by Date: Re: High availability
Index(es):
- Chronological
- Thread