Red Hat DIRECTORY SERVER 8.0 Command Reference Manual page 30

Chapter 2. Core Server Configuration Reference
lists the four possible combinations of values for these two configuration attributes and their outcome
in terms of disabling or enabling of audit logging.
Attributes in dse.ldif
nsslapd-auditlog-logging-
enabled
nsslapd-auditlog
nsslapd-auditlog-logging-
enabled
nsslapd-auditlog
nsslapd-auditlog-logging-
enabled
nsslapd-auditlog
nsslapd-auditlog-logging-
enabled
nsslapd-auditlog
Table 2.4. Possible Combinations for nsslapd-auditlog
2.3.1.20. nsslapd-auditlog-list
Provides a list of audit log files.
Parameter
Entry DN
Valid Values
Default Value
Syntax
Example
2.3.1.21. nsslapd-auditlog-logexpirationtime (Audit Log Expiration Time)
This attribute sets the maximum age that a log file is allowed to be before it is deleted. This attribute
supplies only the number of units. The units (day, week, month, and so forth) are given by the
nsslapd-auditlog-logexpirationtimeunit attribute.
Parameter
Entry DN
Valid Range
Default Value
Syntax
20
Value
on
empty string
on
filename
off
empty string
off
filename
Description
cn=config
None
DirectoryString
nsslapd-auditlog-list: auditlog2,auditlog3
Description
cn=config
-1 to the maximum 32 bit integer value
(2147483647)
A value of -1 or 0 means that the log never
expires.
-1
Integer
Logging enabled or disabled
Disabled
Enabled
Disabled
Disabled