Red Hat 8.1 User Manual
Page 25
This attribute sets the maximum amount of disk space in megabytes that the audit logs are allowed to
consume. If this value is exceeded, the oldest audit log is deleted.
When setting a maximum disk space, consider the total number of log files that can be created due to log
file rotation. Also remember that there are three different log files (access log, audit log, and error log)
maintained by the Directory Server, each of which consumes disk space. Compare these considerations
with the total amount of disk space for the audit log.
Parameter
Description
Entry DN
cn=config
Valid Range
-1 | 1 to the maximum 32 bit integer value
(2147483647), where a value of -1 means that
the disk space allowed to the audit log is
unlimited in size.
Default Value
-1
Syntax
Integer
Example
nsslapd-auditlog-logmaxdiskspace: 10000
2.3.1.26. nsslapd-auditlog-logminfreediskspace (Audit Log Minimum Free Disk Space)
This attribute sets the minimum permissible free disk space in megabytes. When the amount of free disk
space falls below the value specified by this attribute, the oldest audit logs are deleted until enough disk
space is freed to satisfy this attribute.
Parameter
Description
Entry DN
cn=config
Valid Range
-1 (unlimited) | 1 to the maximum 32 bit integer
value (2147483647)
Default Value
-1
Syntax
Integer
Example
nsslapd-auditlog-logminfreediskspace: -1
2.3.1.27. nsslapd-auditlog-logrotationsync-enabled (Audit Log Rotation Sync Enabled)
This attribute sets whether audit log rotation is to be synchronized with a particular time of the day.
Synchronizing log rotation this way can generate log files at a specified time during a day, such as
midnight to midnight every day. This makes analysis of the log files much easier because they then map
directly to the calendar.
For audit log rotation to be synchronized with time-of-day, this attribute must be enabled with the
nsslapd-auditlog-logrotationsynchour and nsslapd-auditlog-logrotationsyncmin attribute
values set to the hour and minute of the day for rotating log files.
For example, to rotate audit log files every day at midnight, enable this attribute by setting its value to on,
and then set the values of the nsslapd-auditlog-logrotationsynchour and nsslapd-auditlog-
logrotationsyncmin attributes to 0.
Parameter
Description
Entry DN
cn=config
Valid Values
on | off
Default Value
off
Syntax
DirectoryString
Example
nsslapd-auditlog-logrotationsync-enabled: on
2.3.1.28. nsslapd-auditlog-logrotationsynchour (Audit Log Rotation Sync Hour)
This attribute sets the hour of the day for rotating audit logs. This attribute must be used in conjunction
with nsslapd-auditlog-logrotationsync-enabled and nsslapd-auditlog-logrotationsyncmin
attributes.
Parameter
Description
Entry DN
cn=config
Valid Range
0 through 23
Default Value
None (because nsslapd-auditlog-
logrotationsync-enabled is off)
Syntax
Integer
Example
nsslapd-auditlog-logrotationsynchour: 23
Red Hat Directory Server 8.1 Configuration and Command Reference
25