Did you 'chown ldap:ldap /var/log/audit.log' before starting slapd ?
This file must be owned by the ldap user.

Although I'm not sure, there maybe a problem because the ldap user
doesn't own /var/log.
I put my auditlog together with the bdb files (in the directory given
by your 'directory' slapd.conf directive).

Regards,
Thierry

On 13 oct. 10, at 22:51, Michael Starling wrote:

Hello. I'm trying to implement the auditlog overlay in my openldap setup. I've configured what I think is the right directives in sladp.conf and restarted LDAP without any erros but nothing gets written to the logfile I specify in slapd.conf. Here's the pertinent info from my slapd.conf. Everything else is working as it should but this one has me stumped. 


RHEL 5.3
openldap-2.3.43-3

slapd.conf

# modules available in openldap-servers-overlays RPM package:
# moduleload accesslog.la
moduleload auditlog.la
# moduleload denyop.la
# moduleload dyngroup.la
# moduleload dynlist.la
# moduleload lastmod.la
# moduleload pcache.la
moduleload ppolicy.la
# moduleload refint.la
# moduleload retcode.la
# moduleload rwm.la
moduleload smbk5pwd.la
# moduleload syncprov.la
# moduleload translucent.la
# moduleload unique.la
# moduleload valsort.la

database        bdb


overlay auditlog
auditlog /var/log/audit.log


#Password Policy
overlay ppolicy
ppolicy_default "cn=Default,ou=Policies,dc=sev,dc=lott"
ppolicy_hash_cleartext
ppolicy_use_lockout

#password sync
overlay smbk5pwd