Does anybody know of any good tools that can rip through an openldap log file and analyze it, creating a report of what queries are being made and how long they are taking to process?
All of the information I'm interested in is included in the log:
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 fd=84 ACCEPT from IP=134.71.247.28:46592 (IP=0.0.0.0:636) Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 fd=84 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.2 tls_cipher=ECDHE-RSA-AES256-GCM-SHA384 Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=0 BIND dn="cn=it_boomi,ou=user,ou=service,dc=cpp,dc=edu" method=128 Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=0 BIND dn="cn=it_boomi,ou=user,ou=service,dc=cpp,dc=edu" mech=SIMPLE bind_ssf=0 ssf=256 Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=0 RESULT tag=97 err=0 qtime=0.000031 etime=0.000189 text= Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=1 SRCH base="ou=user,dc=cpp,dc=edu" scope=2 deref=3 filter="(&(objectClass=person)(calstateEduPersonEmplID=014532336))" Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=1 SRCH attr=memberOf Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=2 UNBIND Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=1 SEARCH RESULT tag=101 err=0 qtime=0.000016 etime=0.192994 nentries=1 text= Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 fd=84 closed
but split up into a number of different lines which need to be correlated to summarize it. Before I try it myself I was hoping somebody else had already scratched that itch :). The only things I can find searching are either really old or commercial products.
Thanks much…