Dear all
I've configured accesslog overlay on our directory project because all modification history is very (very) important for us. The most frequent query (and currently the only query) to the accesslog database is to look for modification to a certain record. Typically like this:
(reqDN=uid=paul_smith,ou=contacts,ou=xxx,dc=xxx,dc=xxx)
Currently the database behave strangely:
(reqAuthzID=uid=paul_smith,ou=contacts,ou=xxx,dc=xxx,dc=xxx) -> return result in 4 seconds (reqDN=uid=paul_smith,ou=contacts,ou=xxx,dc=xxx,dc=xxx) -> return result in 4 minutes
The interesting thing: I have configured to index reqDN but not reqAuthzID:
I read the admin's manual (2.4), as in the manual the set up of index is as simple as configure it in slapd.conf and run slapindex, which I did, with no error at all.
[snip from slapd.conf] database bdb suffix "cn=accesslog" rootdn "cn=admin,cn=accesslog" rootpw [hidden] directory "/var/lib/ldap-log" index reqDN,reqType eq [/snip]
I also double checked /var/lib/ldap-log to confirm there is "reqDN.dbd" (2MB)
The total number of modification records is around 50k. Openldap 2.3.27 running on Debian/x86
My question is: The 4 minute search time is not reasonable (Excel can do much faster with same number of records), and not acceptable for our use (because checking modification history is daily routine). How can I improve it? What other information I didn't provider to have asked this question properly? What else (besides admin manual which only described indexing a few pages) should I read?
Thanks a lot in advance! Best regards