CentOS 7 - OpenLDAP 2.4 audit log
Perform the steps below on the provider (master), or on any server where changes to the directory can be made. The audit log is written in LDIF format.
Configure the audit module
- Load the module:
# ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib64/openldap/
olcModuleLoad: auditlog.la
EOF
- Create log directory:
mkdir -p /var/log/slapd
chmod 755 /var/log/slapd/
chown ldap. /var/log/slapd/
- Add overlay:
# ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
dn: olcOverlay=auditlog,olcDatabase={2}hdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcAuditLogConfig
olcOverlay: auditlog
olcAuditlogFile: /var/log/slapd/auditlog.log
EOF
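Once the overlay is active, each write to the directory is appended to /var/log/slapd/auditlog.log as an LDIF record, attribute values included. The following Python script is an added example (not part of the original page): it scans such records and reports who changed password or group-membership attributes, without copying the logged values. The sample records, the header layout the regex expects (TCP clients, shown as IP=...), and the WATCH list are assumptions.

```python
import re

# Constructed sample; record layout as assumed for slapo-auditlog output.
SAMPLE = """\
# modify 1633792440 dc=domain,dc=tld cn=Manager,dc=domain,dc=tld IP=192.0.2.10:51234 conn=1042
dn: uid=jdoe,ou=People,dc=domain,dc=tld
changetype: modify
replace: userPassword
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=
-
# end modify 1633792440

# modify 1633792500 dc=domain,dc=tld uid=jdoe,ou=People,dc=domain,dc=tld IP=192.0.2.20:40022 conn=1043
dn: cn=admins,ou=Groups,dc=domain,dc=tld
changetype: modify
add: memberUid
memberUid: jdoe
-
# end modify 1633792500

# delete 1633792600 dc=domain,dc=tld cn=Manager,dc=domain,dc=tld IP=192.0.2.10:51300 conn=1044
dn: uid=asmith,ou=People,dc=domain,dc=tld
changetype: delete
# end delete 1633792600
"""

# Header: "# <op> <epoch> <suffix> [<bind DN>] [IP=<peer>] [conn=<id>]", then LDIF, then "# end ..."
RECORD = re.compile(r"^# (add|modify|delete|modrdn) (\d+) \S+(?: (?!IP=|conn=)([^\n]*?))?"
                    r"(?: (IP=\S+))?(?: conn=\d+)?\n(.*?)^# end \1 \2$", re.M | re.S)
WATCH = {"userpassword", "member", "memberuid", "uniquemember"}  # hypothetical watch list

def flag_changes(text, watch=WATCH):
    """Return one finding per audit record that touches a watched attribute."""
    findings = []
    for op, epoch, who, peer, body in RECORD.findall(text):
        dn, attrs = None, []
        for line in body.splitlines():
            name, _, value = line.partition(":")
            if name == "dn":
                dn = value.strip()
            # "replace: userPassword" names the attribute in the value position
            attr = (value if name in ("add", "replace", "delete") else name).strip().lower()
            if attr in watch and attr not in attrs:
                attrs.append(attr)  # attribute name only, never the logged value
        if attrs:
            findings.append(dict(time=int(epoch), by=who, peer=peer, op=op, dn=dn, attrs=attrs))
    return findings

if __name__ == "__main__":
    print(*flag_changes(SAMPLE), sep="\n")
```

To check the live log, pass the contents of /var/log/slapd/auditlog.log to flag_changes() instead of SAMPLE.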
Configure log rotate
- Create the file /etc/logrotate.d/slapd-audit with the following content:
# vim /etc/logrotate.d/slapd-audit
/var/log/slapd/auditlog.log {
    notifempty
    missingok
    monthly
    rotate 3
    compress
    copytruncate
}
- Test log rotation:
logrotate --force /etc/logrotate.d/slapd-audit
centos_openldap_audit_log.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1