Did you know that OpenDJ, one of the major open source directory server,
features a powerful logging interface ? For each need and use case, the OpenDJ
logging system brings a solution to debug, finely tune and optimize or just
filter out what you want or don't want to see in your logs.
For example, let's have a look at a few commands below...
Use this one to enable nanoseconds accuracy for LDAP operations execution
dsconfig -j mypasswordfile -Xn set-global-configuration-prop --set etime-resolution:nanoseconds
Use this one to enable the debug log with a somewhat talkative log
dsconfig -j mypasswordfile -Xn set-log-publisher-prop --publisher-name File-Based Debug Logger --set default-debug-level:verbose --set enabled:true
The last one below is a bit more complicated:
dsconfig -j mypasswordfile -Xn set-log-publisher-prop --publisher-name "File-Based Access Logger" --set connection-client-address-not-equal-to:10.0.0.1 --set log-record-type:extended --set response-etime-less-than:500 --set log-format:combined --set log-control-oids:true --set suppress-internal-operations:true --set buffer-size:512kb --set filtering-policy:exclusive --set queue-size:100000
It would have the following effects:
- it would exclude (from the access log) access requests issued by the
10.0.0.1 IP address, which can be very useful for example to prevent load
balancers health-check requests from being logged, making the access log grow
large unusefully if not excluded.
- it would also exclude LDAP extended operations like the replication trafic
- it would also exclude requests that took less than half a millisecond (500
ns) to be served. In such a case, it's recommended to log both requests and
results on the same line, for the same operation. That's exactly what the
"log-format:combined" parameter does.
- it would log LDAP controls OIDs, as well as the server internal LDAP
operations like the ones executed by some enabled plugins
- finally, to limit disks I/O and improve the overall throughput, it would
increase the default asynchronous access logger queue size as well as the log