2.3.1.23 nsslapd-auditlog-logging-enabled (Audit log enable logging)

Turns audit logging on and off.

Parameter

Description

Entry DN

cn=config

 

 

Valid Values

on or off

 

 

Default Value

off

 

 

Syntax

DirectoryString

 

 

Example

nsslapd-auditlog-logging-enabled: off

 

 

For audit logging to be enabled, this attribute must have a valid path and parameter and the nsslapd-auditlog-logging-enabledconfiguration attribute must be switched to on. Table 2-5lists the four possible combinations of values for these two configuration attributes and their outcome in terms of disabling or enabling of audit logging.

Table 2-5 Attribute values for enabling or disabling audit logging

Value of the

 

 

nsslapd-auditlog-logging-enabled

 

 

Attribute

Value of the nsslapd-auditlog Attribute

Resulting logging state

 

 

 

on

empty string

Disabled

 

 

 

on

filename

Enabled

 

 

 

off

empty string

Disabled

 

 

 

off

filename

Disabled

 

 

 

2.3.1.24 nsslapd-auditlog-logmaxdiskspace (Audit log maximum disk space)

This attribute sets the maximum amount of disk space in megabytes that the audit logs are allowed to consume. If this value is exceeded, the oldest audit log is deleted.

When setting a maximum disk space, consider the total number of log files that can be created due to log file rotation. Also remember that there are three different log files (access log, audit log, and error log) maintained by the Directory Server, each of which consumes disk space.

Compare these considerations with the total amount of disk space for the audit log.

Parameter

Description

Entry DN

cn=config

 

 

Valid Range

-1 1 to the maximum 32-bit integer value (2147483647), where a value of -1 means that the

 

disk space allowed to the audit log is unlimited in size.

 

 

Default Value

500

 

 

Syntax

Integer

 

 

Example

nsslapd-auditlog-logmaxdiskspace: 500

 

 

32 Core server configuration reference