Configure the steps below on the provider (master) or servers where changes to the directory can be made. Audit logging will be saved as LDIF format.

• Load the module:

  # ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
  dn: cn=module,cn=config
  objectClass: olcModuleList
  cn: module
  olcModulePath: /usr/lib64/openldap/
  olcModuleLoad: auditlog.la
  EOF

• Create log directory:

  mkdir -p /var/log/slapd
  chmod 755 /var/log/slapd/
  chown ldap. /var/log/slapd/

• Add overlay:

  # ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
  dn: olcOverlay=auditlog,olcDatabase={2}hdb,cn=config
  changetype: add
  objectClass: olcOverlayConfig
  objectClass: olcAuditLogConfig
  olcOverlay: auditlog
  olcAuditlogFile: /var/log/slapd/auditlog.log
  EOF

• Configure log rotate, create the following file /etc/logrotate.d/slapd-audit:

  # vim /etc/logrotate.d/slapd-audit
  /var/log/slapd/auditlog.log {
      notifempty
      missingok
      monthly
      rotate 3
      compress
      copytruncate
  }

• Test log rotation:

  logrotate --force /etc/logrotate.d/slapd-audit