一、本地日志配置
[root@openldap etc]# vim /etc/rsyslog.conf local4.* /var/log/ldap.log [root@openldap etc]# systemctl restart rsyslog [root@openldap ~]# cd /var/log [root@openldap log]# cat ldap.log Jul 15 13:31:13 openldap slapd[43326]: @(#) $OpenLDAP: slapd 2.4.46 (Jun 2 2018 16:44:15) $#012#011root@:/opt/software/openldap-2.4.46/servers/slapd Jul 15 13:31:13 openldap slapd[43327]: mdb_monitor_db_open: monitoring disabled; configure monitor database to enable Jul 15 13:31:13 openldap slapd[43327]: slapd starting
[root@openldap libexec]# ./slapd --help
./slapd: invalid option -- '-'
usage: ./slapd options
-4 IPv4 only
-6 IPv6 only
-T {acl|add|auth|cat|dn|index|passwd|test}
Run in Tool mode
-c cookie Sync cookie of consumer
-d level Debug level
-f filename Configuration file
-F dir Configuration directory
-g group Group (id or name) to run as
-h URLs List of URLs to serve
-l facility Syslog facility (default: LOCAL4)
-n serverName Service name
-o <opt>[=val] generic means to specify options; supported options:
slp[={on|off|(attrs)}] enable/disable SLP using (attrs)
-r directory Sandbox directory to chroot to
-s level Syslog level
-u user User (id or name) to run as
-V print version info (-VV exit afterwards, -VVV print
info about static overlays and backends)
[root@openldap ~]# vim /usr/local/openldap.2.4.46/etc/openldap/slapd.conf
loglevel 4095 #结尾处添加
[root@openldap ~]# systemctl restart rsyslog
[root@openldap ~]# cd /var/log
[root@openldap log]# cat ldap.log
......
Jul 15 13:47:34 openldap slapd[87146]: config_build_entry: "olcDatabase={0}config"
Jul 15 13:47:34 openldap slapd[87146]: config_build_entry: "olcDatabase={1}mdb"
Jul 15 13:47:34 openldap slapd[87146]: backend_startup_one: starting "dc=abc"
Jul 15 13:47:34 openldap slapd[87146]: mdb_db_open: "dc=abc"
Jul 15 13:47:34 openldap slapd[87146]: mdb_db_open: database "dc=abc": dbenv_open(/usr/local/openldap.2.4.46/var/openldap-data).
Jul 15 13:47:34 openldap slapd[87146]: mdb_monitor_db_open: monitoring disabled; configure monitor database to enable
Jul 15 13:47:34 openldap slapd[87146]: slapd starting
Jul 15 13:47:34 openldap slapd[87146]: daemon: added 4r listener=(nil)
Jul 15 13:47:34 openldap slapd[87146]: daemon: added 7r listener=0xd16470
Jul 15 13:47:34 openldap slapd[87146]: daemon: added 8r listener=0xd16550
Jul 15 13:47:34 openldap slapd[87146]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Jul 15 13:47:34 openldap slapd[87146]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Jul 15 13:47:34 openldap slapd[87146]: daemon: activity on 1 descriptor
Jul 15 13:47:34 openldap slapd[87146]: daemon: activity on:
Jul 15 13:47:34 openldap slapd[87146]:
Jul 15 13:47:34 openldap slapd[87146]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Jul 15 13:47:34 openldap slapd[87146]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Jul 15 13:48:33 openldap slapd[87146]: daemon: shutdown requested and initiated.
Jul 15 13:48:33 openldap slapd[87146]: daemon: closing 7
Jul 15 13:48:33 openldap slapd[87146]: daemon: closing 8
Jul 15 13:48:33 openldap slapd[87146]: slapd shutdown: waiting for 0 operations/tasks to finish
Jul 15 13:48:33 openldap slapd[87146]: slapd shutdown: initiated
Jul 15 13:48:33 openldap slapd[87146]: slapd destroy: freeing system resources.
Jul 15 13:48:33 openldap slapd[87146]: slapd stopped.二、远程日志设置
OpenLDAP Server(日志客户端):172.16.216.157
[root@openldap ~]# vim /etc/rsyslog.conf local4.* @@172.16.216.164:514 [root@openldap ~]# systemctl restart rsyslog
OpenLDAP 日志服务端:172.16.216.164
[root@openldap ~]# vim /etc/rsyslog.conf # Provides UDP syslog reception $ModLoad imudp $UDPServerRun 514 # Provides TCP syslog reception $ModLoad imtcp $InputTCPServerRun 514 local4.* /var/log/remoteldap.log
[root@openldap ~]# systemctl restart rsyslog [root@openldap ~]# netstat -tulnp |grep 514 tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 36800/rsyslogd tcp6 0 0 :::514 :::* LISTEN 36800/rsyslogd udp 0 0 0.0.0.0:514 0.0.0.0:* 36800/rsyslogd udp6 0 0 :::514 :::* 36800/rsyslogd [root@openldap ~]# cd /var/log [root@openldap log]# cat remoteldap.log Jul 15 14:13:19 openldap slapd[25125]: @(#) $OpenLDAP: slapd 2.4.46 (Jun 2 2018 16:44:15) $#012#011root@:/opt/software/openldap-2.4.46/servers/slapd Jul 15 14:13:19 openldap slapd[25125]: >>> dnNormalize: <cn=Subschema> Jul 15 14:13:19 openldap slapd[25125]: <<< dnNormalize: <cn=subschema> Jul 15 14:13:19 openldap slapd[25125]: matching_rule_use_init Jul 15 14:13:19 openldap slapd[25125]: 1.2.840.113556.1.4.804 (integerBitOrMatch): Jul 15 14:13:19 openldap slapd[25125]: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcListenerThreads $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcDbMaxReaders $ olcDbMaxSize $ olcDbRtxnSize $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) ) ......
