Ben Stienstra

Linux, Unix, network, radio and more...


CentOS 7 - OpenLDAP 2.4 audit log

Perform the steps below on the provider (master), or on any server where changes to the directory can be made. The audit log is written in LDIF format, one record per add, modify, delete or modrdn operation.

Configure the audit module

  • Load the module:
    # ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
    dn: cn=module,cn=config
    objectClass: olcModuleList
    cn: module
    olcModulePath: /usr/lib64/openldap/
    olcModuleLoad: auditlog.la
    EOF
  • Create log directory:
    mkdir -p /var/log/slapd
    chmod 755 /var/log/slapd/
    chown ldap. /var/log/slapd/
  • Add overlay:
    # ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
    dn: olcOverlay=auditlog,olcDatabase={2}hdb,cn=config
    changetype: add
    objectClass: olcOverlayConfig
    objectClass: olcAuditLogConfig
    olcOverlay: auditlog
    olcAuditlogFile: /var/log/slapd/auditlog.log
    EOF
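Once the overlay is active, the file named in olcAuditlogFile receives each change as LDIF, so it can be reviewed with a small script. The following parser is an added example, not code from the original page; it assumes the overlay's record layout (a header line "# <op> <epoch> <suffix> <modifier DN>", the LDIF change, then "# end <op> <epoch>") and runs over a constructed sample with placeholder values.

```python
import re

# Constructed sample in the shape the auditlog overlay writes (header format assumed):
# "# <op> <epoch> <suffix> <modifier DN>", the LDIF change, then "# end <op> <epoch>".
SAMPLE = """\
# add 1442318999 dc=domain,dc=tld cn=Manager,dc=domain,dc=tld
dn: uid=jdoe,ou=People,dc=domain,dc=tld
changetype: add
objectClass: inetOrgPerson
uid: jdoe
cn: John Doe
sn: Doe
# end add 1442318999
# modify 1442319100 dc=domain,dc=tld cn=Manager,dc=domain,dc=tld
dn: uid=jdoe,ou=People,dc=domain,dc=tld
changetype: modify
replace: userPassword
userPassword: {SSHA}constructed-placeholder
-
# end modify 1442319100
"""
HEADER = re.compile(r"^# (add|modify|delete|modrdn) (\d+) (\S+) (\S+)")
MODOP = re.compile(r"^(?:add|replace|delete|increment): (\S+)$")
ATTR = re.compile(r"^([A-Za-z][\w;-]*):")
# attributes whose change a defender should review: credentials, ACLs, group membership
SENSITIVE = {"userpassword", "olcaccess", "olcrootpw", "member", "memberuid"}

def parse_auditlog(text):
    # one dict per logged operation: who did what to which entry, and which attributes
    records, cur = [], None
    for line in text.splitlines():
        if cur is None:
            m = HEADER.match(line)
            if m:
                op, epoch, suffix, who = m.groups()
                cur = {"op": op, "time": int(epoch), "suffix": suffix,
                       "who": who, "dn": None, "attrs": set()}
        elif line.startswith("# end "):
            records.append(cur)
            cur = None
        elif line.startswith("dn: "):
            cur["dn"] = line[4:]
        elif MODOP.match(line):
            # modify records name the touched attribute in add:/replace:/delete: lines
            cur["attrs"].add(MODOP.match(line).group(1).lower())
        elif cur["op"] == "add" and ATTR.match(line) and not line.startswith("changetype:"):
            # add records list every attribute of the new entry
            cur["attrs"].add(ATTR.match(line).group(1).lower())
    return records

def sensitive_changes(records):
    # operations that touched an attribute in SENSITIVE
    return [r for r in records if r["attrs"] & SENSITIVE]
```

Because the log holds the full LDIF of every change, including userPassword values, the directory permissions chosen above decide who can read it.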

Configure log rotate

  • Configure log rotation by creating the file /etc/logrotate.d/slapd-audit with the following contents:
    # vim /etc/logrotate.d/slapd-audit
    /var/log/slapd/auditlog.log {
        notifempty
        missingok
        monthly
        rotate 3
        compress
        copytruncate
    }
  • Test log rotation:
    logrotate --force /etc/logrotate.d/slapd-audit
centos_openldap_audit_log.txt · Last modified: 2015/09/15 11:57 by admin