Sun Java System Directory Server Enterprise Edition 6.1 Deployment Planning Guide

Designing a Logging Strategy

Logging is managed and configured at the individual server level. While logging is enabled by default, it can be reconfigured or disabled according to the requirements of your deployment. Designing a logging strategy assists with planning hardware requirements. For more information, see Hardware Sizing For Directory Server.

This section describes the logging facility of Directory Server Enterprise Edition.

Defining Logging Policies

Each Directory Server in a topology stores logging information in three files:

Each Directory Proxy Server in a topology stores logging information in two files:

You can manage the log files for both Directory Server and Directory Proxy Server in these ways:

Defining Log File Creation Policies

A log file creation policy enables you to periodically archive the current log and start a new log file. Log file creation policies can be defined for Directory Server and Directory Proxy Server from the Directory Control Center or using the command-line utilities.

When defining a log file creation policy, consider the following:

Log file rotation can also be based on a combination of criteria. For example, you can specify that logs be rotated at 23h30 only if the file size is greater than 10 Megabytes.

For details on how to set up a log file creation policy, see Configuring Logs for Directory Server in Sun Java System Directory Server Enterprise Edition 6.1 Administration Guide.

Defining Log File Deletion Policies

A log file deletion policy enables you to automatically delete old archived logs. Log file deletion policies can be defined for Directory Server and Directory Proxy Server from the Directory Service Control Center or using the command-line utilities. A log file deletion policy is not applied unless you have defined a log file creation policy. Log file deletion will not work if you have just one log file. The server evaluates and applies the log file deletion policy at the time of log rotation.

When defining a log file deletion policy, consider the following:

For details on how to set up a log file deletion policy, see Configuring Logs for Directory Server in Sun Java System Directory Server Enterprise Edition 6.1 Administration Guide.

Manually Creating and Deleting Log Files

Manual file rotation and forced log rotation do not apply to Directory Proxy Server.

If you do not want to define automatic creation and deletion policies for Directory Server, you can create and delete log files manually. In addition, Directory Server provides a task that enables you to rotate any log immediately, regardless of the defined creation policy. This functionality might be useful if, for example, an event occurs that needs to be examined in more detail. The immediate rotation function causes the server to create a new log file. The previous file can therefore be examined without the server appending logs to this file.

For information about how to rotate logs manually and how to force log rotation, see Rotating Directory Server Logs Manually in Sun Java System Directory Server Enterprise Edition 6.1 Administration Guide.

Defining Permissions on Log Files

In previous versions of Directory Server, log files could only be read by the directory manager. Directory Server Enterprise Edition enables server administrators to define the permissions with which log files are created. For information about how to define log file permissions, see Configuring Logs for Directory Server in Sun Java System Directory Server Enterprise Edition 6.1 Administration Guide.