We've encountered a issue where openldap seems to be writing huge volumes of logs for authentication failures.
Having freed up some space and run `db_recover` (which cleared out the log files), then restarted openldap, it's again written ~120MB of logs for 200 failed authentication requests.
The log files are almost entirely timestamps:
0Z20161022152331.314499Z20161022152331.325384Z20161022152331.330788Z201610221523 31.350547Z20161022152331.355448Z20161022152331.369422Z20161022152331.374363Z2016 1022152331.390477Z20161022152331.410878Z20161022152331.427888Z20161022152331.438 814Z20161022152331.445610Z20161022152331.451377Z20161022152331.478571Z2016102215 2331.484278Z20161022152331.500831Z20161022152331.506391Z20161022152331.517584Z20 161022152331.522518Z20161022152331.542621Z20161022152331.547733Z20161022152331.5 66601Z20161022152331.571819Z20161022152331.582696Z20161022152331.588227Z20161022 152331.613213Z20161022152331.618932Z20161022152331.648696Z20161022152331.654433Z 20161022152331.668033Z20161022152331.677784Z20161022152331.685107Z20161022152331 .679736Z20161022152331.710191Z20161022152331.733564
OpenLDAP: slapd 2.4.40
Any ideas why this is happening?
Am Mon, 24 Oct 2016 15:47:01 +0100 schrieb Dan Hawkes dan.hawkes@fissara.com:
We've encountered a issue where openldap seems to be writing huge volumes of logs for authentication failures.
Having freed up some space and run `db_recover` (which cleared out the log files), then restarted openldap, it's again written ~120MB of logs for 200 failed authentication requests.
The log files are almost entirely timestamps:
[...]
OpenLDAP: slapd 2.4.40
Any ideas why this is happening?
Yes, db is badly configured, 'set_flags DB_LOG_AUTOREMOVE' should do the trick. But prior to that, run db_archive -dvh /path/to/dabatase to remove old files. By the way, BerkleyDB is depricated, you should switch to mdb.
-Dieter
openldap-technical@openldap.org