 - White.png){kind=logo}
Need to adjust your OpenLDAP/slapd log level? Here's some useful notes
Referring to the slapd config pages, there are many log levels that can be set, plus multiple permutations of all. All debug logging relies on having --enable-debug being set in your slapd installation.
| Level | Keyword | Description |
|---|---|---|
| -1 | any | enable all debu'gging |
| 0 | no debugging | |
| 1 | (0x1 trace) | trace function calls |
| 2 | (0x2 packets) | debug packet handling |
| 4 | (0x4 args) | heavy trace debugging |
| 8 | (0x8 conns) | connection management |
| 16 | (0x10 BER) | print out packets sent and received |
| 32 | (0x20 filter) | search filter processing |
| 64 | (0x40 config) | configuration processing |
| 128 | (0x80 ACL) | access control list processing |
| 256 | (0x100 stats) | stats log connections/operations/results |
| 512 | (0x200 stats2) | stats log entries sent |
| 1024 | (0x400 shell) | print communication with shell backends |
| 2048 | (0x800 parse) | print entry parsing debugging |
| 16384 | (0x4000 sync) | syncrepl consumer processing |
| 32768 | (0x8000 none) | only messages that get logged whatever log level is set |
Either by adding together (ORing) the numerical values, or by specifying the named values, create a ldif file with the desired settings and import it.
For example, values can be specified similar to:
loglevel 129
loglevel 0x81
loglevel 128 1
loglevel 0x80 0x1
loglevel acl traceBuilding that into a sample ldif file, you should have something similar to:
cn=config
changeType: modify
replace: olcLogLevel
olcLogLevel: acl traceSaving this as olcLogLevel.ldif, it can then be imported by using the following command:
ldapmodify -H ldapi:/// -D cn=admin,cn=config -W -f olcLogLevel.ldifYou will be prompted for the relevant password with the use of the -W option.
On successful import you should see the content in your logs change.
--
Ref: https://www.openldap.org/doc/admin24/slapdconfig.html - Section 6.2.1.5