Provided by: slapd_2.5.13+dfsg-1ubuntu1_amd64 bug

NAME
       slapo-auditlog - Audit Logging overlay to slapd


SYNOPSIS
       /etc/ldap/slapd.conf

       /etc/ldap/slapd.d


DESCRIPTION
       The Audit Logging overlay can be used to record all changes on a given backend database to
       a specified log file. Changes are logged as standard  LDIF,  with  an  additional  comment
       header  providing  six  fields of information about the change. A second comment header is
       added at the end of the operation to note the termination of the change.

       For Add and Modify operations the identity comes from the  modifiersName  associated  with
       the  operation.  This  is  usually the same as the requestor's identity, but may be set by
       other overlays to reflect other values.


CONFIGURATION
       This slapd.conf option applies to the Audit Logging overlay.  It should appear  after  the
       overlay directive.

       auditlog <filename>
              Specify the fully qualified path for the log file.

       olcAuditlogFile <filename>
              For use with cn=config


COMMENT FIELD INFORMATION
       The first field is the operation type.
       The second field is the timestamp of the operation in seconds since epoch.
       The third field is the suffix of the database.
       The fourth field is the recorded modifiersName.
       The fifth field is the originating IP address and port.
       The  sixth field is the connection number. A connection number of -1 indicates an internal
       slapd operation.


EXAMPLE
       The following LDIF could be used to add this overlay to cn=config (adjust to suit)

              dn: olcOverlay=auditlog,olcDatabase={1}mdb,cn=config
              changetype: add
              objectClass: olcOverlayConfig
              objectClass: olcAuditLogConfig
              olcOverlay: auditlog
              olcAuditlogFile: /tmp/auditlog.ldif


EXAMPLE CHANGELOG
              # modify 1614223245 dc=example,dc=com cn=admin,dc=example,dc=com IP=[::1]:47270 conn=1002
              dn: uid=joepublic,ou=people,dc=example,dc=com
              changetype: modify
              replace: displayName
              displayName: Joe Public
              -
              replace: entryCSN
              entryCSN: 20210225032045.045229Z#000000#001#000000
              -
              replace: modifiersName
              modifiersName: cn=admin,dc=example,dc=com
              -
              replace: modifyTimestamp
              modifyTimestamp: 20210225032045Z
              -
              # end modify 1614223245


FILES
       /etc/ldap/slapd.conf
              default slapd configuration file

       /etc/ldap/slapd.d
              default slapd configuration directory


SEE ALSO
       slapd.conf(5), slapd-config(5).