Server User Manual

Default Access Logging Content
221
[21/Apr/2009:11:39:53 -0700] conn=13 op=3 RESULT err=0 tag=120 nentries=0 etime=0
[21/Apr/2009:11:39:53 -0700] conn=13 op=4 UNBIND
[21/Apr/2009:11:39:53 -0700] conn=13 op=4 fd=659 closed - U1
[21/Apr/2009:11:39:55 -0700] conn=14 fd=700 slot=700 connection from 207.1.153.51 to
192.18.122.139
[21/Apr/2009:11:39:55 -0700] conn=14 op=0 BIND dn="" method=sasl version=3 mech=DIGEST-MD5
[21/Apr/2009:11:39:55 -0700] conn=14 op=0 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind
in progress
[21/Apr/2009:11:39:55 -0700] conn=14 op=1 BIND dn="uid=jdoe,dc=example,dc=com" method=sasl
version=3 mech=DIGEST-MD5
[21/Apr/2009:11:39:55 -0700] conn=14 op=1 RESULT err=0 tag=97nentries=0 etime=0
dn="uid=jdoe,dc=example,dc=com"
[21/Apr/2009:11:39:55 -0700] conn=14 op=2 UNBIND
[21/Apr/2009:11:39:53 -0700] conn=14 op=2 fd=700 closed - U1
Example 5.1. Example Access Log
Connection Number
Every external LDAP request is listed with an incremental connection number, in this case conn=11,
starting at conn=0 immediately after server startup.
[21/Apr/2009:11:39:51 -0700] conn=11 fd=608 slot=608 connection from 207.1.153.51 to
192.18.122.139
Internal LDAP requests are not recorded in the access log by default. To activate the logging
of internal access operations, specify access logging level 4 on the nsslapd-accesslog-level
3
configuration attribute.
File Descriptor
Every connection from an external LDAP client to Directory Server requires a file descriptor or socket
descriptor from the operating system, in this case fd=608. fd=608 indicates that it was file descriptor
number 608 out of the total pool of available file descriptors which was used.
[21/Apr/2009:11:39:51 -0700] conn=11 fd=608 slot=608 connection from 207.1.153.51 to
192.18.122.139
Slot Number
The slot number, in this case slot=608, is a legacy part of the access log which has the same
meaning as file descriptor. Ignore this part of the access log.
[21/Apr/2009:11:39:51 -0700] conn=11 fd=608 slot=608 connection from 207.1.153.51 to
192.18.122.139
Operation Number
To process a given LDAP request, Directory Server will perform the required series of operations. For
a given connection, all operation request and operation result pairs are given incremental operation
numbers beginning with op=0 to identify the distinct operations being performed.
3
Configuration_Command_File_Reference-Core_Server_Configuration_Reference-
Core_Server_Configuration_Attributes_Reference.html#Configuration_Command_File_Reference-cnconfig-
nsslapd_accesslog_level