Skip Navigation Links | |
Exit Print View | |
Oracle Directory Server Enterprise Edition Reference 11 g Release 1 (11.1.1.5.0) |
1. Directory Server Enterprise Edition File Reference
Software Layout for Directory Server Enterprise Edition
Directory Server Instance Default Layout
Directory Proxy Server Instance Default Layout
Part I Directory Server Reference
4. Directory Server LDIF and Search Filters
6. Directory Server Monitoring
7. Directory Server Replication
8. Directory Server Data Caching
11. Directory Server Groups and Roles
12. Directory Server Class of Service
14. Directory Server Internationalization Support
Part II Directory Proxy Server Reference
15. Directory Proxy Server Overview
16. Directory Proxy Server Load Balancing and Client Affinity
17. Directory Proxy Server Distribution
18. Directory Proxy Server Virtualization
19. Connections Between Directory Proxy Server and Backend LDAP Servers
20. Connections Between Clients and Directory Proxy Server
21. Directory Proxy Server Client Authentication
22. Security in Directory Proxy Server
23. Directory Proxy Server Logging
Introduction to Directory Proxy Server Logs
Error Logs for Directory Proxy Server
Access Logs for Directory Proxy Server
Format of an Access Log Message
Bind Logs for Directory Proxy Server
Connection Logs for Directory Proxy Server
Format of a Connection Log Message
Message Part in a Connection Log
Tracking Client Requests Through Directory Proxy Server and Directory Server Access Logs
Tracking Operations by Connection
Tracking Operations in Directory Proxy Server
Tracking Operations Between Directory Proxy Server and Directory Server
Access logs contain information about the requests being processed by Directory Proxy Server. Access logs contain information about two types of connections:
Connections between clients and Directory Proxy Server
Connections between Directory Proxy Server and data sources
Access log messages are categorized according to the cause of the message. The following table lists the categories of messages that can be included in the access log.
Table 23-2 Message Categories for Access Logs
|
Each message category can be configured with one of the following log-levels:
none No access messages are included in the log file.
info Informational messages are included in the log file.
all All messages are included in the log file. In most cases, this setting produces the same results as the info setting. In certain situations, this setting enables additional debugging messages to be logged.
inherited The log level is inherited from the value of the default-log-level property.
By default, the log level for each message category is inherited but for SERVER_OP_DETAIL, the log level is none. As the default-log-level property is info, all the message categories except SERVER_OP_DETAIL inherits the log level info.
The log-level of a message category works in conjunction with the severity level of a message to determine which messages are included in the log file. For more information, see Message Severity.
An access log message has this format:
timestamp - category - severity - connectionNumber operationNumber messageID operationType messageText
Example 23-2 shows an extract of an access log. The log shows a client request that starts with a message in the CONNECT category and ends with a message in the DISCONNECT category. The operation requested by the client is shown by the message in the OPERATION category, and results in several messages in the SERVER_OP category. The logged messages have the INFO and DEBUG severity.
Example 23-2 Extract of an Access Log
[07/Sep/2010:14:32:43 +0200] - PROFILE - INFO - conn=12 assigned to connection handler cn=default connection handler, cn=connection handlers, cn=config [07/Sep/2010:14:32:43 +0200] - CONNECT - INFO - conn=12 client=127.0.0.1:59723 server=localhost:14600 protocol=LDAP [07/Sep/2010:14:32:43 +0200] - OPERATION - INFO - conn=12 op=0 msgid=1 BIND dn="uid=jvedder,ou=people,dc=example,dc=com" method="SIMPLE" version=3 controls="" [07/Sep/2010:14:32:43 +0200] - SERVER_OP - INFO - conn=12 op=0 BIND dn="uid=jvedder,ou=people,dc=example,dc=com" method="SIMPLE" version=3 s_msgid=396 s_conn=dsource-1:2 [07/Sep/2010:14:32:43 +0200] - SERVER_OP - INFO - conn=12 op=0 BIND RESPONSE err=0 msg="" s_msgid=396 s_conn=dsource-1:2 etime=0 [07/Sep/2010:14:32:43 +0200] - OPERATION - INFO - conn=12 op=0 BIND RESPONSE err=0 msg="" etime=1 [07/Sep/2010:14:32:43 +0200] - OPERATION - INFO - conn=12 op=1 msgid=2 SEARCH base="uid=jvedder,ou=people,dc=example,dc=com" scope=2 controls="" filter="(objectclass=*)" attrs="*" [07/Sep/2010:14:32:43 +0200] - SERVER_OP - INFO - conn=12 op=1 SEARCH base="uid=jvedder,ou=people,dc=example,dc=com" scope=2 filter="(objectclass=*)" attrs="*" s_msgid=397 s_conn=dsource-1:2 [07/Sep/2010:14:32:43 +0200] - SERVER_OP - INFO - conn=12 op=1 SEARCH RESPONSE err=0 msg="" nentries=1 s_msgid=397 s_conn=dsource-1:2 etime=1 [07/Sep/2010:14:32:43 +0200] - OPERATION - INFO - conn=12 op=1 SEARCH RESPONSE err=0 msg="" nentries=1 etime=1 [07/Sep/2010:14:32:43 +0200] - OPERATION - INFO - conn=12 op=2 UNBIND [07/Sep/2010:14:32:43 +0200] - DISCONNECT - INFO - conn=12 reason="unbind"
Messages for the connections between a client and the Directory Proxy Server are labeled in the same way as in Directory Server. Table 23-4 describes parts of the messages between the client and the Directory Proxy Server in Example 23-2. For an explanation of all of the possible message parts, see Content of Access, Error, and Audit Logs.
Table 23-3 Message Parts for Connections Between a Client and a Directory Proxy Server
|
Messages for the connections between Directory Proxy Server and a data source are prefixed with s_. Table 23-4 describes parts of the messages between the Directory Proxy Server and the data source in Example 23-2.
Table 23-4 Message Parts for Connections Between a Directory Proxy Server and a Data Source
|
Access log messages are stored in a buffer. The buffer is flushed to the access log at the following times:
When the buffer is full
When the access log is rotated
When Directory Proxy Server is stopped
Every 2.5 seconds
By default, the size of the access log buffer is 1M. However, the size of the buffer can be configured to control the frequency with which it is flushed. Setting the buffer size to 0 will disable buffering (and make Directory Proxy Server slower).
The buffer is also flushed periodically, that is, every 2.5 seconds, if none of the other conditions is met.
You can configure the size of the access log buffer by setting the log-buffer-size property. For information about how to configure access log properties, see Configuring Directory Proxy Server Logs in Oracle Directory Server Enterprise Edition Administration Guide.