Hi there,
I would like to get some documentation that can describe, in details, which fiileds there are present in ldap.log file, and the meaning of each field.
I need some information about 7th field (op=33 in first line). Where can I find all codes used in this field ?
Jan 10 11:50:21 ldap01 slapd[10819]: conn=1702 op=33 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)" Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)" Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 op=36 UNBIND Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 fd=21 closed
Thanks
--- Gustavo e-mail: gmcarvalho@gmail.com
Gustavo Mendes de Carvalho wrote:
Hi there,
I would like to get some documentation that can describe, in details, which fiileds there are present in ldap.log file, and the meaning of each field.
I need some information about 7th field (op=33 in first line). Where can I find all codes used in this field ?
It's a counter particular to that connections, i.e. conn=1702 has performed 36 operations.
Jan 10 11:50:21 ldap01 slapd[10819]: conn=1702 op=33 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)" Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)" Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 op=36 UNBIND Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 fd=21 closed
Thanks
Gustavo e-mail: gmcarvalho@gmail.com
Hi Gavin,
Do you have any document (or a link to someone) that describes each field in ldap.log file ?
Thanks in advance
--- Gustavo Mendes de Carvalho email: gmcarvalho@gmail.com
-----Mensagem original----- De: Gavin Henry [mailto:ghenry@OpenLDAP.org] Enviada em: sexta-feira, 11 de janeiro de 2008 14:10 Para: Gustavo Mendes de Carvalho Cc: openldap-technical@openldap.org Assunto: Re: log fields
Gustavo Mendes de Carvalho wrote:
Hi there,
I would like to get some documentation that can describe, in details, which fiileds there are present in ldap.log file, and the meaning of each field.
I need some information about 7th field (op=33 in first line). Where can I find all codes used in this field ?
It's a counter particular to that connections, i.e. conn=1702 has performed 36 operations.
Jan 10 11:50:21 ldap01 slapd[10819]: conn=1702 op=33 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)" Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)" Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 op=36 UNBIND Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 fd=21 closed
Thanks
Gustavo e-mail: gmcarvalho@gmail.com
-- Kind Regards,
Gavin Henry. OpenLDAP Engineering Team.
E ghenry@OpenLDAP.org
Community developed LDAP software.
Gustavo Mendes de Carvalho wrote:
Hi Gavin,
Do you have any document (or a link to someone) that describes each field in ldap.log file ?
The short answer is no (unless Gavin has it, but keeps it secret ;)
I guess the admin guide here http://www.openldap.org/doc/admin24/tuning.html#What%20log%20level%20to%20use could be slightly expanded to describe the meaning of the messages at "stats" level (which is still indicated as 256; I'd rather use "stats" or at least "0x100"). I recall someone (Hallvard?) discussing this issue, probably on -devel, and doing some refactoring of the (mainly response) log messages, to make them as uniform as possible, but I can't locate that message thread.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
Pierangelo Masarati wrote:
I guess the admin guide here http://www.openldap.org/doc/admin24/tuning.html#What%20log%20level%20to%20use could be slightly expanded to describe the meaning of the messages at "stats" level (which is still indicated as 256; I'd rather use "stats" or at least "0x100"). I recall someone (Hallvard?) discussing this issue, probably on -devel, and doing some refactoring of the (mainly response) log messages, to make them as uniform as possible, but I can't locate that message thread.
Gavin,
rethinking the above, I'm not fully convinced that log description should go into "tuning"; perhaps it should go into "troubleshooting", but it definitely belongs to auditing (although not the most reliable means to audit the DSA's activity). What would you suggest?
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
On Saturday 16 February 2008 02:43:39 Gustavo Mendes de Carvalho wrote:
Hi Gavin,
Do you have any document (or a link to someone) that describes each field in ldap.log file ?
Is this really necessary? The fields seem relatively self-apparent:
Jan 10 11:50:21 ldap01 slapd[10819]: conn=1702 op=33 SEARCH RESULT tag=101 err=0 nentries=1 text=
A search result was sent to the client that is connected with connection 1702, the search succeeded, 1 entry was sent, no text representation of the error number. This was for the 33rd operation on the connection.
Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)"
A new search was received, operation number 34 on the connection number 1702, with the obvious search parameters.
Jan 10 11:50:25 ldap01 slapd[10819]: conn=1702 op=34 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SRCH base="uid=gustavo,ou=company,c=org" scope=0 deref=0 filter="(objectClass=*)" Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 op=36 UNBIND Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 fd=21 closed
What else do you need, and what for?
Hi Buchan,
Is this really necessary? The fields seem relatively self-apparent:
I really have to agree with you. Most fields are self-apparent.
Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 op=36 UNBIND Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 fd=21 closed
What else do you need, and what for?
What I really looking for is some description that can help me to create some report from ldap.log file describing in details who (user) has logged in (host) in which date and if this user had success in this login. I am looking some information that can describe how many time this user typed some wrong password amd when he changed his password.
I found some information decribing wrong and correct password - conn=1 RESULT tag=97 err=49 text= -> wrong passwd - conn=1 RESULT tag=97 err=0 text= -> correct passwd But and what about other 48 error codes ? What they does mean it ?
I am looking for some information that can describe if user informed exists in LDAP base or not. When I typed some user that does not exist in LDAP base, I got this information - conn=58 fd=16 ACCEPT from IP=10.10.5.62:5922 (IP=0.0.0.0:636) - conn=58 op=0 BIND dn="uid=HGHG,ou=OrgUnit,o=organization,c=country" method=128 - conn=58 op=0 RESULT tag=97 err=49 text= - conn=58 fd=16 closed In this case I really know that user HGHG dows not exist, but according with 3rd line, his password is wrong, but I don´t know for sure if this user is correct or not.
That´s why I am asking for some documentation describing ldap log fields. If this doc does not exist, I will try to get some information in another way. But if this doc exist, if it is a draft, I would like to get some copy (if is it possible, of course) and of course that I can help you and OpanLDAP Project with more informations to help them to produce better documentation.
Thanks
--- Gustavo Mendes de Carvalho email: gmcarvalho@gmail.com
Gustavo Mendes de Carvalho wrote:
Hi Buchan,
Is this really necessary? The fields seem relatively self-apparent:
I really have to agree with you. Most fields are self-apparent.
Jan 10 11:50:26 ldap01 slapd[10819]: conn=1702 op=35 SEARCH RESULT tag=101 err=0 nentries=1 text= Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 op=36 UNBIND Jan 10 12:28:13 ldap01 slapd[10819]: conn=1702 fd=21 closed
What else do you need, and what for?
What I really looking for is some description that can help me to create some report from ldap.log file describing in details who (user) has logged in (host) in which date and if this user had success in this login. I am looking some information that can describe how many time this user typed some wrong password amd when he changed his password.
I found some information decribing wrong and correct password
- conn=1 RESULT tag=97 err=49 text= -> wrong passwd
- conn=1 RESULT tag=97 err=0 text= -> correct passwd
But and what about other 48 error codes ? What they does mean it ?
The error codes are a closely guarded secret, and you need a special secret decoder ring to decipher them.
Or you can just look in doc/rfc/rfc4511.txt in the source tree. Or http://ietf.org/rfc/rfc4511.txt
And probably a few million other places besides.
openldap-technical@openldap.org
-
Buchan Milne -
Gavin Henry -
Gustavo Mendes de Carvalho -
Howard Chu -
Pierangelo Masarati