Oracle® Fusion Middleware Man Page Reference for Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) Part Number E28967-01 |
|
|
PDF · Mobi · ePub |
analyze Directory Server access logs
Synopsis
install-path/dsrk/bin/logconv [options] logfile...
Description
The logconv
command analyzes Directory Server access logs, specified as the logfile argument to the command, to extract usage statistics and count occurrences of significant events.
As the logconv
command depends on the content of the access logs, output depends on the quantity of information present in the access logs. Refer to the Directory Server documentation for instructions on how adjust how much information Directory Server writes to the access logs.
The user running the logconv
command must have at least read access to the Directory Server log files.
The logconv
command ignores log files named access.rotationinfo
.
Options
The logconv
command supports the following options.
Options specified here without a preceding dash (-
) may be specified in any order, but must be specified together as a single option such as -abcefgijlnrtux
.
-A0
filenameWrite statistics on client activity based on the number of operations to the specified file.
This option overrides the use of options in the list -abcefgijlnrtux
.
-A1
filenameWrite statistics on client activity based on the number of connections to the specified file.
This option overrides the use of options in the list -abcefgijlnrtux
.
-a
List the most frequently used base DNs.
-B
filenameWrite statistics on the most frequently used bind DNs to the specified file.
This option overrides the use of options in the list -abcefgijlnrtux
.
-b
List the most frequently used bind DNs.
-C
filenameWrite statistics on the number of operations performed per connection to the specified file.
This option overrides the use of options in the list -abcefgijlnrtux
.
-c
List the number of occurrences for each type of connection code.
-DELIM
Generate a field-delimited, formatted report when using the -B
or -R
options.
You can import this report into a spreadsheet application.
-d
rootDNUse the specified DN to identify operations performed by Directory Manager.
Default is cn=Directory Manager
.
-E
errorCodeGenerate statistics on occurrences of the specified error code.
This option overrides the use of options in the list -abcefgijlnrtux
.
-e
List the most frequently occurring error and return codes.
-f
List the bind DNs with the most failed binds due to invalid credentials.
-g
List details of all abandoned operations.
-h
Display the usage message.
-I
intervalUse the specified interval for reporting when generating a report using the -B
or -R
options. The interval may be MINUTE
, HOUR
, DAY
, or MONTH
.
-i
List the IP addresses and connection codes for clients opening the most connections.
This option helps detect clients that may attempt to compromise security.
-j
Generate recommendations based on the data collected.
-l
List the most frequently occurring search filters.
-N
Resolve IP addresses to host names.
Using this option may impact performance.
-n
List the largest and most frequent number of entries per result (nentries
).
-P
filenameWrite a report on pending operations to the specified file.
This option overrides the use of options in the list -abcefgijlnrtux
.
-R
filenameWrite a report on operations to the specified file.
This option overrides the use of options in the list -abcefgijlnrtux
.
-r
List the most frequently requested attributes.
-s
numberReturn the specified number of results per category.
Default is 20.
-t
List the longest and most frequent operation times (etimes
).
-u
List details about unindexed searches.
-V
Enable verbose output. Same as -abcefgijlnrtux
.
-v
Display version information and exit.
-X
IPAddressExclude operations originating from clients with the specified IP address, for example when repeated health check operations come from a load balancer.
Repeat this option to exclude multiple addresses.
-x
List the number and OID of all extended operations requested.
Extended Description
The logconv
command generates three types of statistics useful for monitoring Directory Server use and optimizing Directory Server configuration:
Counts of events such as total binds and total searches performed
Lists of the most frequently occurring parameters in LDAP requests
For example, the logconv
command generates lists of the top ten bind DNs, base DNs, filter strings, and attributes returned. As generating such lists is computation intensive, you must explicitly request their generation using the appropriate options.
Counts of occurrences for error codes such as those defined in <ldap.h
>
Performance of the logconv
command is affected by the volume of data in the access logs. To ensure acceptable performance, avoid running the logconv
command on more than 1 GB of access logs at a time.
Furthermore, some of the data extracted depends on connection and operation numbers reset when you restart Directory Server. To obtain the most accurate counts, avoid analyzing logs that span a server restart.
Examples
Examples in this section use the following conventions:
The logconv
command is found in a directory present in the PATH
used for the examples.
Directory Server stores access logs in /var/ds/logs
.
The current user has read access to the logs.
logconv
: Generating Statistics and RecommendationsThe following command generates statistics on client connections, binds, abandoned operations, and unindexed searches, and generates recommendations for performance improvements and further investigation:
$ logconv -ibgju /var/ds/logs/access*
logconv
: Examining Binds with Invalid CredentialsThe following command counts the number of times clients attempted to bind with invalid credentials, error 49 LDAP_INVALID_CREDENTIALS
, resolving client IP addresses to host names:
$ logconv -N -E 49 /var/ds/logs/access*
logconv
: Generating a ReportThe following command generates a field delimited report on operations, suitable for import into a spreadsheet application:
$ logconv -DELIM -R report.txt /var/ds/logs/access $ cat report.txt Year|Month|Day|Time|Operations|Results|Performance|Connections| Searches|Modifications|Adds|Deletes|Modrdns|Binds|Extended Ops|Compares 2009|Apr|05|07:51:04|18119|18129|100.1%|10|0|0|0|0|0|18119|0|0 2009|Apr|05|08:09:30|12875|12883|100.1%|12878|0|0|0|0|0|12875|0|0
Long lines in this example have been wrapped for readability.
Exit Status
The logconv
command exits with status 0
if it completes successfully. Otherwise it exits with non-zero status.
Attributes
See attributes
(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability |
Zip distribution only |
Stability Level |
Evolving |