Table 7.25. information extracted from access logs, Syntax, Options – Red Hat 8.1 User Manual
Page 226
Table 7.25. Information Extracted from Access Logs
Number of restarts
Total number of connections
Total operations requested
Total results returned
Results to requests ratio
Number of searches
Number of modifications
Number of adds
Number of deletes
Number of modified RDNs
Persistent searches
Internal operations (with verbose logs)
Entry operations (with verbose logs)
Extended operations
Abandoned requests
Smart referrals received (verbose logs)
VLV (virtual list view) operations
VLV unindexed searches
Server-side sorting operations
SSL connections
Performance lowering operations:
Entire database searches
Unindexed searches (details optional)
FDs (file descriptors) taken
FDs returned
Highest FD taken
Disruptions:
Broken pipes
Connections reset by peer
Unavailable resources (and detail)
Total binds and types of binds
Most frequent occurrence lists (optional)
Error and return codes
Failed logins
Connection codes
Client IP addresses and connection codes
Bind DNs
Base DNs for searching
Search filters
Etimes (elapsed operation time)
Longest etimes
Nentries (number of entries in result)
Largest Nentries
Extended operations
Most requested attributes
Recommendations (optional)
The logconv.pl tool displays two types of statistics useful for monitoring and optimizing directory
usage:
Simple counts of events such as the total number of binds and the total number of searches provide
overall usage information. This is the basic information that the tool will always print.
Lists of the most frequently occurring parameters in LDAP requests provide insight into how the
directory information is being accessed. For example, lists of the top ten bind DNs, base DNs, filter
strings, and attributes returned can help administrators optimize the directory for its users. These
lists are optional because they are computation intensive: specify only the command-line options
required (see
).
Some information that is extracted by the logconv.pl script is available only in logs from current
releases of Directory Server; the corresponding values will be zero when analyzing logs from older
versions. In addition, some information will only be present in the logs if verbose logging is enabled in
the Directory Server. For more information, see
Section 2.3.1.2, “nsslapd-accesslog-level (Access Log
The following issues will affect the output and performance of this tool:
Some data extracted from logs depend on connection and operation numbers that are reset and no
longer unique after a server restarts. Therefore, to obtain the most accurate counts, the logs to be
analyzed should not span the restart of the Directory Server.
Due to changes in access log format in current releases of Directory Server that affected operation
numbers, the tool will be more accurate logs from current versions when processing large amounts
of access logs.
For performance reasons, it is not recommended to run more than one gigabyte of access logs
through the script at any one time.
Syntax
logconv.pl [ -S startTimestamp ] [ -E endTimestamp ] [ -d mgrDN ] [ -X ipAddress ] [ -v ] [ -h ] [ -s
size_limit ] [ -V ] [ -efcibaltnxgjuyp ] [ accessLog ]
Options
Table 7.26, “logconv.pl Options”
describes the logconv.pl command-line options.
226
Chapter 7. Command-Line Scripts