How do I set up a Directory Server to display real-time verbose logs of system activity?

Issue

How do I set up a Directory Server to display real-time verbose logs of system activity?

Solution

To watch the realtime verbose logs of Directory Server activity, do the following:

1. Use the Log Addroute command to turn set up logging for the directory server, and the Dir Setlogging Protocol command to turn logging on. For example:

Log Addroute "" DIR.* Watch ""

OK Completed

Dir Setlogging Protocol On

OK Completed

2. Use the Log Watch command to watch the activity. For example:

Log Watch DIR.* New

+idling

3. Issue a test query from another telnet session. For example:

Ldap Testquery user:mailhost asdf

results in the following log:

205111 example.com 1038010087.132 DIR.SERVER.PROTOCOL 1 1 bindRequest version 3 name "" authentication simple

205112 example.com 1038010087.132 DIR.SERVER.PROTOCOL 1 1 bindResponse resultCode success matchedDN "" errorMessage ""

205113 example.com 1038010087.132 DIR.SERVER.PROTOCOL 1 2 searchRequest baseObject "dc=gx163,dc=net" scope wholeSubtree derefAliases neverDerefAliases sizeLimit 0

timeLimit 0 typesOnly FALSE filter or (filter equalityMatch (attributeDesc "uid" attributeValue "asdf"), filter equalityMatch (attributeDesc "mail" attributeValue "asdf")) attributes ("mailhost" "mail" "mail" "uid" "cn")

205114 example.com 1038010087.133 DIR.SERVER.PROTOCOL 1 2 searchDone resultCode noSuchObject matchedDN "" errorMessage "No such object"

205115 example.com 1038010087.134 DIR.SERVER.PROTOCOL 1 3 searchRequest baseObject "dc=gx163,dc=net" scope wholeSubtree derefAliases neverDerefAliases sizeLimit 0

timeLimit 0 typesOnly FALSE filter or (filter equalityMatch (attributeDesc "uid" attributeValue "@cs7.cs.mirapoint.com"), filter equalityMatch (attributeDesc "mail" attributeValue

"@example.com")) attributes ("mailhost" "mail" "mail" "uid" "cn")

205116 example.com 1038010087.134 DIR.SERVER.PROTOCOL 1 3 searchDone resultCode noSuchObject matchedDN "" errorMessage "No such object"

205117 example.com 1038010087.135 DIR.SERVER.PROTOCOL 1 4 searchRequest baseObject "dc=gx163,dc=net" scope wholeSubtree derefAliases neverDerefAliases sizeLimit 0

timeLimit 0 typesOnly FALSE filter or (filter equalityMatch (attributeDesc "uid" attributeValue "@"), filter equalityMatch (attributeDesc "mail" attributeValue "@")) attributes ("mailhost"

"mail" "mail" "uid" "cn")

205118 example.com 1038010087.135 SERVER.PROTOCOL 1 4 searchDone resultCode noSuchObject matchedDN "" errorMessage "No such object"

4. To terminate the log watch session, enter the following command:

Log Watch Done

By configuring the Mirapoint to send these events to a syslog server, you can have the Syslog server to write them to a disk file which you can retrospectively use for debugging analysis.

For more information on setting up logging, see the CLI online help; enter the Help Log Addroute command to display instructions on how to set this up on the Mirapoint.