2.3.1.31nsslapd-auditlog-maxlogsize (Audit log maximum log size)

This attribute sets the maximum audit log size in megabytes. When this value is reached, the audit log is rotated. That means the server starts writing log information to a new log file. If nsslapd-auditlog-maxlogsperdirto 1, the server ignores this attribute.

When setting a maximum log size, consider the total number of log files that can be created due to log file rotation. Also, remember that there are three different log files (access log, audit log, and error log) maintained by the Directory Server, each of which consumes disk space. Compare these considerations to the total amount of disk space for the audit log.

Parameter

Description

Entry DN

cn=config

Valid Range

-1 1 to the maximum 32-bit integer value (2147483647), where a value of -1 means the log

 

file is unlimited in size.

Default Value

100

Syntax

Integer

Example

nsslapd-auditlog-maxlogsize: 50

2.3.1.32 nsslapd-auditlog-maxlogsperdir (Audit log maximum number of log files)

This attribute sets the total number of audit logs that can be contained in the directory where the audit log is stored. Each time the audit log is rotated, a new log file is created. When the number of files contained in the audit log directory exceeds the value stored on this attribute, then the oldest version of the log file is deleted. The default is 1 log. If this default is accepted, the server will not rotate the log, and it grows indefinitely.

If the value for this attribute is higher than 1, then check the nsslapd-auditlog-logrotationtimeattribute to establish whether log rotation is specified. If the nsslapd-auditlog-logrotationtimeattribute has a value of -1, then there is no log rotation. See “nsslapd-auditlog-logrotationtime (Audit log rotation time)” for more information.

Parameter

Description

Entry DN

cn=config

Valid Range

1 to the maximum 32-bit integer value (2147483647)

Default Value

1

Syntax

Integer

Example

nsslapd-auditlog-maxlogsperdir: 10

2.3.1.33 nsslapd-auditlog-mode (Audit log file permission)

This attribute sets the access mode or file permissions with which audit log files are to be created. The valid values are any combination of 000 to 777 because they mirror numbered or absolute UNIX file permissions. The value must be a combination of a 3-digit number, the digits varying from 0 through 7:

Digit

Description

Digit

Description

0

None

4

Read only

1

Execute only

5

Read and execute

2.3 Core server configuration attributes reference

35

Page 35
Image 35
HP UX Identity Security Software manual Nsslapd-auditlog-maxlogsize Audit log maximum log size, None Read only Execute only