Wednesday, February 19, 2025

[389-users] Re: Adding the source IP to All slapd logs

Hi Florian,


There is no configuration option to add this string 'from ip 192.168.1.100' at the end of each access log lines related to the connection.
I would suggest to implement a script parsing the log file. For each ip from the 'slot=xxx connection from' and stopping parsing after 'conn=xxx.*UNBIND'. Then add ip at the end of each record containing 'conn=xxx op='.


best regards
thierry

On 2/19/25 11:59 AM, Florian GESLOT via 389-users wrote:
Hello Thierry,
Thank you very much for your response !
Yes, indeed, I have tried OpenLDAP and 389DS numerous times to see if either of them offers a solution.
If I go through my 389 logs, the results are almost equivalent.
I get this type of log from 389:
[19/Feb/2025:10:46:57.918666986 +0000] conn=99 fd=65 slot=65 connection from 192.168.1.100 to 192.168.1.111
[19/Feb/2025:10:46:57.919765771 +0000] conn=99 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[19/Feb/2025:10:46:57.951976255 +0000] conn=99 op=0 RESULT err=0 tag=97 nentries=0 wtime=0.000183881 optime=0.032260351 etime=0.032440135 dn="cn=directory manager"
[19/Feb/2025:10:46:57.953472603 +0000] conn=99 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(objectClass=*)" attrs="* aci"
[19/Feb/2025:10:46:57.953600654 +0000] conn=99 op=1 RESULT err=32 tag=101 nentries=0 wtime=0.000169513 optime=0.000132287 etime=0.000297635
[19/Feb/2025:10:46:57.954663998 +0000] conn=99 op=2 UNBIND
[19/Feb/2025:10:46:57.954685151 +0000] conn=99 op=2 fd=65 Disconnect - Cleanly Closed Connection - U1
Whereas I would like to have the IPs on all the lines, something that looks like this:
[19/Feb/2025:10:46:57.918666986 +0000] conn=99 fd=65 slot=65 connection from 192.168.1.100 to 192.168.1.111
[19/Feb/2025:10:46:57.919765771 +0000] conn=99 op=0 BIND dn="cn=Directory Manager" method=128 version=3 from ip 192.168.1.100
[19/Feb/2025:10:46:57.951976255 +0000] conn=99 op=0 RESULT err=0 tag=97 nentries=0 wtime=0.000183881 optime=0.032260351 etime=0.032440135 dn="cn=directory manager" from ip 192.168.1.100
[19/Feb/2025:10:46:57.953472603 +0000] conn=99 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(objectClass=*)" attrs="* aci" from ip 192.168.1.100
[19/Feb/2025:10:46:57.953600654 +0000] conn=99 op=1 RESULT err=32 tag=101 nentries=0 wtime=0.000169513 optime=0.000132287 etime=0.000297635 from ip 192.168.1.100
[19/Feb/2025:10:46:57.954663998 +0000] conn=99 op=2 UNBIND from ip 192.168.1.100
[19/Feb/2025:10:46:57.954685151 +0000] conn=99 op=2 fd=65 Disconnect - Cleanly Closed Connection - U1 from ip 192.168.1.100
Is there a specific configuration in 389DS to achieve this result?
Sincerely,
Florian

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)