Red Hat DIRECTORY SERVER 8.1 Command Reference Manual page 25

2.3.1.1. nsslapd-accesslog (Access Log)
This attribute specifies the path and filename of the log used to record each LDAP access. The
following information is recorded by default in the log file:
• IP address of the client machine that accessed the database.
• Operations performed (for example, search, add, and modify).
• Result of the access (for example, the number of entries returned or an error code).
For more information on turning access logging off, see the "Monitoring Server and Database Activity"
chapter in the Directory Server Administrator's Guide.
For access logging to be enabled, this attribute must have a valid path and parameter, and the
nsslapd-accesslog-logging-enabled configuration attribute must be switched to on. The table
lists the four possible combinations of values for these two configuration attributes and their outcome
in terms of disabling or enabling of access logging.
Attribute
nsslapd-accesslog-logging-
enabled
nsslapd-accesslog
nsslapd-accesslog-logging-
enabled
nsslapd-accesslog
nsslapd-accesslog-logging-
enabled
nsslapd-accesslog
nsslapd-accesslog-logging-
enabled
nsslapd-accesslog
Table 2.2. dse.ldif File Attributes
Parameter
Entry DN
Valid Values
Default Value
Syntax
Example
2.3.1.2. nsslapd-accesslog-level (Access Log Level)
This attribute controls what is logged to the access log.
Value
on
empty string
on
filename
off
empty string
off
filename
Description
cn=config
Any valid filename.
/var/log/dirsrv/slapd-instance_name/access
DirectoryString
nsslapd-accesslog: /var/log/dirsrv/
slapd-instance_name/access
Logging enabled or disabled
Disabled
Enabled
Disabled
Disabled
cn=config
11