On Feb 4, 2022, 9:27 PM -0500, Paul B. Henson <henson@acm.org>, wrote:

Does anybody know of any good tools that can rip through an openldap log
file and analyze it, creating a report of what queries are being made
and how long they are taking to process?

All of the information I'm interested in is included in the log:

Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 fd=84 ACCEPT from
IP=134.71.247.28:46592 (IP=0.0.0.0:636)
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 fd=84 TLS established
tls_ssf=256 ssf=256 tls_proto=TLSv1.2 tls_cipher=ECDHE-RSA-AES256-GCM-SHA384
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=0 BIND
dn="cn=it_boomi,ou=user,ou=service,dc=cpp,dc=edu" method=128
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=0 BIND
dn="cn=it_boomi,ou=user,ou=service,dc=cpp,dc=edu" mech=SIMPLE bind_ssf=0
ssf=256
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=0 RESULT tag=97 err=0
qtime=0.000031 etime=0.000189 text=
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=1 SRCH
base="ou=user,dc=cpp,dc=edu" scope=2 deref=3
filter="(&(objectClass=person)(calstateEduPersonEmplID=014532336))"
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=1 SRCH attr=memberOf
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=2 UNBIND
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 op=1 SEARCH RESULT
tag=101 err=0 qtime=0.000016 etime=0.192994 nentries=1 text=
Feb 4 18:23:54 ldap-01 slapd[1207]: conn=46272 fd=84 closed

but split up into a number of different lines which need to be
correlated to summarize it. Before I try it myself I was hoping somebody
else had already scratched that itch :). The only things I can find
searching are either really old or commercial products.

Thanks much…