logfile
OpenLDAP logs via syslogd (using LOCAL4) in all cases (see loglevel for configuration information on streaming syslogd LDAP messages to a separate file). In addition the logfile directive may be used to create a separate file containing just LDAP log information. Even when this directive is used OpenLDAP will also log the same information via syslogd. Example:
logfile /path/to/ldap/log/file
# file must exist prior to starting OpenLDAP
touch /path/to/ldap/log/file
chown ldap:ldap /path/to/ldap/log/file
loglevel
OpenLDAP logs via syslogd LOCAL4. To stream the LDAP log to a separate file from syslog add a line like this to syslog.conf (normally /etc/syslog.conf):
# add to syslog.conf
local4.* /var/log/ldap.log
# create an empty log file
touch /var/log/ldap.log
# restart syslogd
killall -HUP syslogd
OR
/etc/rc.d/syslogd restart
The above command will log all levels of local4 (OpenLDAP) output to /var/log/ldap.log. Alternatively the logfile directive may be used.
The OpenLDAP logging level is set using the following directive:
loglevel number | hex-value | log-name
The possible values for number, hex-value and log-name are:
| number | hex-value | log-name | Logging description |
| -1 | 0xFFFF | enable all logging | |
| 0 | 0x0000 | - | logging inhibited - no logging occurs including critical errors. Not recommended. |
| 1 | 0x1 | acl | trace function calls |
| 2 | 0x2 | packets | debug packet handling |
| 4 | 0x4 | args | heavy trace debugging |
| 8 | 0x8 | conns | connection management |
| 16 | 0x10 | BER | print out packets sent and received |
| 32 | 0x20 | filter | search filter processing |
| 64 | 0x40 | config | configuration file processing |
| 128 | 0x80 | ACL | access control list processing |
| 256 | 0x100 | stats | stats log connections/operations/results |
| 512 | 0x200 | stats2 | stats log entries sent |
| 1024 | 0x400 | shell | print communication with shell backends |
| 2048 | 0x800 | parse | print entry parsing debugging |
| 4096 | 0x1000 | cache | caching (unused)g |
| 8192 | 0x2000 | index | indexing (unused) |
| 16384 | 0x4000 | sync | print syncrepl (replica) logging |
| 32768 | 0x8000 | none | A misnomer - it will log message that are not categorized including curial messages |
The loglevel directive takes a single value or a space separated list of values, each value may be any combination of number, hex-value or log-name from the table above. The results are OR'd together. It is also possible to set multiple entries in either the number or hex-value as shown in the following examples:
loglevel 255
# sets 1, 2, 4, 8, 16, 32, 64 and 128
# adds all the numbers
loglevel 2176
# 2048 + 128
loglevel 296
# 256 + 32 + 8
# using single hex-value (128)
loglevel 0x80
# multiple hex-values (1 + 128)
loglevel 0x81
# same result as
loglevel 0x1 0x80
# using log-name (single value)
loglevel acl
# multiple log-name values
loglevel acl sync
# combined
loglevel 1 0x40 conns
If no loglevel directive is defined the log defaults to 256 (stats only).
Note: With the -1 setting slapd logs ferocious amounts of data. Reduce this value as quickly as possible to only those items you are interested in or buy new discs - lots of new discs.
需要更多信息请看: http://www.zytrax.com/books/ldap/ch6/#loglevel
ldap调试模式启动: slapd -d 256
