You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by Howard Chu <hy...@symas.com> on 2007/11/14 18:32:34 UTC

[ApacheDS] Change log ietf draft

> This is really not a change log draft. It goes beyond and logs any LDAP
> operation. More to come soon..

Right, it's a superset of a change log. It can be used solely as a change log 
if desired. The OpenLDAP implementation lets you choose which specific types 
of operation to log as well as classes of ops (reads, writes, etc.). The 
delta-syncrepl implementation in OpenLDAP relies on it as a change log, but 
some sites use it to log everything.

I think the motivation is already explained in the doc - LDAP is the hammer, 
everything else is a nail; there's no need to use multiple protocols to 
administer all the servers in an enterprise when LDAP will do it all 
conveniently and securely.

It's been pointed out to me that this isn't currently a complete replacement 
for syslog; it doesn't record events that are not directly associated with 
LDAP operations. E.g. connection accept() and close() events are missing, nor 
does it log spontaneously generated errors. That hasn't been a big issue so far.

> On 9/29/07, Alex Karasulu <ak...@apache.org> wrote:
>>
>> Hi,
>>
>> Howard just pointed me over to the following closely related draft here:
>>
>>    http://www.highlandsun.com/hyc/drafts/draft-chu-ldap-logschema-xx.html
>>
>> Thoughts?
>>
>> Alex
>>

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/