1 .lf 1 stdin 2 .TH SLAPO-AUDITLOG 5 "2025/05/22" "OpenLDAP 2.6.10" 3 .\" Copyright 2005-2024 The OpenLDAP Foundation All Rights Reserved. 4 .\" Copying restrictions apply. See COPYRIGHT/LICENSE. 5 .\" $OpenLDAP$ 6 .SH NAME 7 slapo\-auditlog \- Audit Logging overlay to slapd 8 .SH SYNOPSIS 9 /etc/openldap/slapd.conf 10 .TP 11 /etc/openldap/slapd.d 12 .SH DESCRIPTION 13 The Audit Logging overlay can be used to record all changes on a given 14 backend database to a specified log file. Changes are logged as standard 15 LDIF, with an additional comment header providing six fields of 16 information about the change. A second comment header is added at the end 17 of the operation to note the termination of the change. 18 .LP 19 For Add and Modify operations the identity comes from the modifiersName 20 associated with the operation. This is usually the same as the requestor's 21 identity, but may be set by other overlays to reflect other values. 22 .SH CONFIGURATION 23 This 24 .B slapd.conf 25 option applies to the Audit Logging overlay. 26 It should appear after the 27 .B overlay 28 directive. 29 .TP 30 .B auditlog <filename> 31 Specify the fully qualified path for the log file. 32 .TP 33 .B olcAuditlogFile <filename> 34 For use with 35 .B cn=config 36 .SH COMMENT FIELD INFORMATION 37 The first field is the operation type. 38 .br 39 The second field is the timestamp of the operation in seconds since epoch. 40 .br 41 The third field is the suffix of the database. 42 .br 43 The fourth field is the recorded modifiersName. 44 .br 45 The fifth field is the originating IP address and port. 46 .br 47 The sixth field is the connection number. A connection number of -1 48 indicates an internal slapd operation. 49 .SH EXAMPLE 50 The following LDIF could be used to add this overlay to 51 .B cn=config 52 (adjust to suit) 53 .LP 54 .RS 55 .nf 56 dn: olcOverlay=auditlog,olcDatabase={1}mdb,cn=config 57 changetype: add 58 objectClass: olcOverlayConfig 59 objectClass: olcAuditLogConfig 60 olcOverlay: auditlog 61 olcAuditlogFile: /tmp/auditlog.ldif 62 .fi 63 .RE 64 .LP 65 .LP 66 .SH EXAMPLE CHANGELOG 67 .LP 68 .RS 69 .nf 70 # modify 1614223245 dc=example,dc=com cn=admin,dc=example,dc=com IP=[::1]:47270 conn=1002 71 dn: uid=joepublic,ou=people,dc=example,dc=com 72 changetype: modify 73 replace: displayName 74 displayName: Joe Public 75 - 76 replace: entryCSN 77 entryCSN: 20210225032045.045229Z#000000#001#000000 78 - 79 replace: modifiersName 80 modifiersName: cn=admin,dc=example,dc=com 81 - 82 replace: modifyTimestamp 83 modifyTimestamp: 20210225032045Z 84 - 85 # end modify 1614223245 86 87 .fi 88 .RE 89 .LP 90 .SH FILES 91 .TP 92 /etc/openldap/slapd.conf 93 default slapd configuration file 94 .TP 95 /etc/openldap/slapd.d 96 default slapd configuration directory 97 .SH SEE ALSO 98 .BR slapd.conf (5), 99 .BR slapd\-config(5). 100
Indexes created Fri May 08 00:25:09 UTC 2026