Perform the steps below on the provider (master), or on any server that accepts changes to the directory. The audit log is written in LDIF format.
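# Load the auditlog overlay module into slapd's dynamic configuration (cn=config).
#   -x  simple bind          -D  bind DN
#   -W  prompt for the bind password, keeping it out of argv and shell history
# The ldaps:// URI means the bind credentials and the LDIF travel over TLS.
# <FQDN> is the page's placeholder; it is quoted so the shell does not read the
# angle brackets as redirections. The heredoc delimiter is quoted so the LDIF
# is passed through verbatim, one attribute per line as LDIF requires.
# NOTE(review): assumes cn=Manager,dc=domain,dc=tld may write to cn=config and
# that no cn=module entry is already present; confirm on the target server.
ldapadd -H "ldaps://<FQDN>" -x -D "cn=Manager,dc=domain,dc=tld" -W <<'EOF'
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib64/openldap/
olcModuleLoad: auditlog.la
EOF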
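# Create the directory that will hold the audit log and hand it to the slapd
# service account so the overlay can write there.
mkdir -p /var/log/slapd
# 750 rather than 755: the audit log records every directory change as LDIF,
# which can include password attribute values, so local users outside the
# owner and group should not be able to enter this directory.
chmod 750 /var/log/slapd/
# "ldap:" is the colon form of the original "ldap." (owner ldap, group = ldap's
# login group); the dot separator is an obsolescent chown syntax.
chown ldap: /var/log/slapd/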
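# Attach the auditlog overlay to the directory database and point it at the
# log file under /var/log/slapd/. Same bind options as the module-load step:
# simple bind (-x) as the Manager DN (-D), password prompted (-W), over ldaps.
# <FQDN> is the page's placeholder; it is quoted so the shell does not read the
# angle brackets as redirections. The heredoc delimiter is quoted so the LDIF
# (including the "{2}") reaches ldapadd verbatim.
# NOTE(review): "olcDatabase={2}hdb" is the database index and backend on the
# author's server; confirm the database DN under cn=config on yours, since the
# index or the backend (e.g. mdb) may differ.
ldapadd -H "ldaps://<FQDN>" -x -D "cn=Manager,dc=domain,dc=tld" -W <<'EOF'
dn: olcOverlay=auditlog,olcDatabase={2}hdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcAuditLogConfig
olcOverlay: auditlog
olcAuditlogFile: /var/log/slapd/auditlog.log
EOF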
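# Write the logrotate policy for the audit log: rotate monthly, keep three
# compressed generations, skip rotation when the log is empty, and do not
# complain if the log is missing.
# The page opens this file in vim; the heredoc writes the same stanza
# non-interactively so the file content is unambiguous.
# NOTE(review): copytruncate copies the log and then truncates it in place, so
# entries written between the copy and the truncate can be lost. For an audit
# trail, confirm whether that gap is acceptable or whether slapd reopens the
# file per write, in which case rename-based rotation would avoid it.
# NOTE(review): monthly with "rotate 3" keeps roughly three months of history;
# check that against your audit-retention requirement.
cat > /etc/logrotate.d/slapd-audit <<'EOF'
/var/log/slapd/auditlog.log {
    notifempty
    missingok
    monthly
    rotate 3
    compress
    copytruncate
}
EOF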
# Force one rotation now to exercise the new policy instead of waiting for the
# monthly schedule; afterwards check /var/log/slapd/ for the rotated file.
logrotate -f /etc/logrotate.d/slapd-audit