Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SLAPO-AUDITLOG(5)	      File Formats Manual	     SLAPO-AUDITLOG(5)

NAME
       slapo-auditlog -	Audit Logging overlay to slapd

SYNOPSIS
       /usr/local/etc/openldap/slapd.conf

       /usr/local/etc/openldap/slapd.d

DESCRIPTION
       The  Audit Logging overlay can be used to record	all changes on a given
       backend database	to a specified log file. Changes are logged  as	 stan-
       dard  LDIF,  with  an additional	comment	header providing six fields of
       information about the change. A second comment header is	added  at  the
       end of the operation to note the	termination of the change.

       For Add and Modify operations the identity comes	from the modifiersName
       associated  with	 the  operation.  This	is usually the same as the re-
       questor's identity, but may be set by other overlays to	reflect	 other
       values.

CONFIGURATION
       This slapd.conf option applies to the Audit Logging overlay.  It	should
       appear after the	overlay	directive.

       auditlog	<filename>
	      Specify the fully	qualified path for the log file.

       olcAuditlogFile <filename>
	      For use with cn=config

COMMENT	FIELD INFORMATION
       The first field is the operation	type.
       The  second  field  is  the timestamp of	the operation in seconds since
       epoch.
       The third field is the suffix of	the database.
       The fourth field	is the recorded	modifiersName.
       The fifth field is the originating IP address and port.
       The sixth field is the connection number. A connection number of	-1 in-
       dicates an internal slapd operation.

EXAMPLE
       The following LDIF could	be used	to add this overlay to cn=config  (ad-
       just to suit)

	      dn: olcOverlay=auditlog,olcDatabase={1}mdb,cn=config
	      changetype: add
	      objectClass: olcOverlayConfig
	      objectClass: olcAuditLogConfig
	      olcOverlay: auditlog
	      olcAuditlogFile: /tmp/auditlog.ldif

EXAMPLE	CHANGELOG
	      #	modify 1614223245 dc=example,dc=com cn=admin,dc=example,dc=com IP=[::1]:47270 conn=1002
	      dn: uid=joepublic,ou=people,dc=example,dc=com
	      changetype: modify
	      replace: displayName
	      displayName: Joe Public
	      -
	      replace: entryCSN
	      entryCSN:	20210225032045.045229Z#000000#001#000000
	      -
	      replace: modifiersName
	      modifiersName: cn=admin,dc=example,dc=com
	      -
	      replace: modifyTimestamp
	      modifyTimestamp: 20210225032045Z
	      -
	      #	end modify 1614223245

FILES
       /usr/local/etc/openldap/slapd.conf
	      default slapd configuration file

       /usr/local/etc/openldap/slapd.d
	      default slapd configuration directory

SEE ALSO
       slapd.conf(5), slapd-config(5).

OpenLDAP 2.6.9			  2024/11/26		     SLAPO-AUDITLOG(5)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=slapo-auditlog&sektion=5&manpath=FreeBSD+Ports+14.3.quarterly>

home | help