20070829 configuring redhat openldap for logging - plembo/onemoretech GitHub Wiki
title: Configuring RedHat OpenLDAP for Logging
link: https://onemoretech.wordpress.com/2007/08/29/configuring-redhat-openldap-for-logging/
author: lembobro
description:
post_id: 650
created: 2007/08/29 04:57:00
created_gmt: 2007/08/29 04:57:00
comment_status: open
post_name: configuring-redhat-openldap-for-logging
status: publish
post_type: post
Configuring RedHat OpenLDAP for Logging
Out of the box, RedHat’s build of the openldap server doesn’t provide for a separate log file to track operations performed on the directory. This is easy enough to set up with a couple of config file changes.
First, edit /etc/openldap/slapd.conf and put the following line above where the database definitions go (“# ldbm and/or bdb database definitions”):
loglevel 256
This will enable logging at a level that will give an adequate amount of detail for tracking and troubleshooting.
Next, edit /etc/syslog.conf to add the following line:
local4.* /var/log/ldap.log
This tells syslog to redirect all messages from the LOCAL4 logging facility to a file called /var/log/ldap.log, slapd being configured by default to send logging information to LOCAL4.
Restart syslog, then slapd (RedHat calls the service “ldap”) using /sbin/service and you should see the following in your new ldap.log:
Aug 27 23:36:44 myhost slapd[11929]: @(#) $OpenLDAP: slapd 2.3.30 (Apr 25 2007 04:35:50) [email protected]:/builddir/build/ BUILD/openldap-2.3.30/openldap-2.3.30/build-servers/servers/slapd
Aug 27 23:36:44 myhost slapd[11930]: slapd starting
If you’ve installed your own build of OpenLDAP, or are willing to hack the shipping init script, /etc/init.d/ldap, you can use the “-l” switch to specify a different syslog logging facility (LOCAL0 through LOCAL7, or USER or DAEMON).
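Once clients connect, loglevel 256 writes a line for each connection, operation and result to ldap.log. The following Python script is an added example, not part of the original post: it correlates those lines to count failed binds (err=49, invalidCredentials) per client IP and bind DN. The sample log lines are constructed to follow slapd's stats-level format, and the function and variable names are illustrative.

```python
import re
from collections import Counter

# Constructed sample lines in the format slapd writes at loglevel 256 (stats).
SAMPLE_LOG = """\
Aug 27 23:40:01 myhost slapd[11930]: conn=5 fd=12 ACCEPT from IP=192.0.2.10:41234 (IP=0.0.0.0:389)
Aug 27 23:40:01 myhost slapd[11930]: conn=5 op=0 BIND dn="uid=jdoe,ou=people,dc=example,dc=com" method=128
Aug 27 23:40:01 myhost slapd[11930]: conn=5 op=0 RESULT tag=97 err=49 text=
Aug 27 23:40:02 myhost slapd[11930]: conn=5 op=1 BIND dn="uid=jdoe,ou=people,dc=example,dc=com" method=128
Aug 27 23:40:02 myhost slapd[11930]: conn=5 op=1 RESULT tag=97 err=49 text=
Aug 27 23:40:02 myhost slapd[11930]: conn=5 fd=12 closed
Aug 27 23:41:10 myhost slapd[11930]: conn=6 fd=12 ACCEPT from IP=192.0.2.20:50022 (IP=0.0.0.0:389)
Aug 27 23:41:10 myhost slapd[11930]: conn=6 op=0 BIND dn="cn=app,dc=example,dc=com" method=128
Aug 27 23:41:10 myhost slapd[11930]: conn=6 op=0 RESULT tag=97 err=0 text=
Aug 27 23:41:11 myhost slapd[11930]: conn=6 fd=12 closed
"""

# The IP group accepts both dotted IPv4 and bracketed IPv6 peers.
ACCEPT = re.compile(r"slapd\[\d+\]: conn=(\d+) fd=\d+ ACCEPT from IP=(\[[^\]]+\]|[^: ]+):\d+")
BIND = re.compile(r'slapd\[\d+\]: conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=\d+')
RESULT = re.compile(r"slapd\[\d+\]: conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)")  # tag=97: bind response
CLOSED = re.compile(r"slapd\[\d+\]: conn=(\d+) fd=\d+ closed")

def failed_binds(lines):
    """Count (client_ip, bind_dn) pairs whose bind was answered with err=49."""
    ip_by_conn = {}  # conn id -> client IP, learned from the ACCEPT line
    dn_by_op = {}    # (conn, op) -> DN of a BIND still waiting for its RESULT
    failures = Counter()
    for line in lines:
        if m := ACCEPT.search(line):
            ip_by_conn[m.group(1)] = m.group(2)
        elif m := BIND.search(line):
            dn_by_op[(m.group(1), m.group(2))] = m.group(3)
        elif m := RESULT.search(line):
            # After log rotation the ACCEPT/BIND lines may be missing: keep the hit as "unknown".
            dn = dn_by_op.pop((m.group(1), m.group(2)), "unknown")
            if m.group(3) == "49":
                failures[(ip_by_conn.get(m.group(1), "unknown"), dn)] += 1
        elif m := CLOSED.search(line):
            ip_by_conn.pop(m.group(1), None)
    return failures

if __name__ == "__main__":
    for (ip, dn), n in failed_binds(SAMPLE_LOG.splitlines()).most_common():
        print(f"{n} failed bind(s) from {ip} as {dn!r}")
```

To run it against the real file, pass `open("/var/log/ldap.log")` to `failed_binds()` in place of the sample lines.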
Copyright 2004-2019 Phil Lembo