Audit logging overlay to slapd
/etc/ldap/slapd.conf
/etc/ldap/slapd.d
The Audit Logging overlay can be used to record all changes on a given backend database to a specified log file. Changes are logged as standard LDIF, with an additional comment header giving the timestamp of the change and the identity of the user making the change.
For Add and Modify operations the identity comes from the modifiersName associated with the operation. This is usually the same as the requestor's identity, but may be set by other overlays to reflect other values.
This slapd.conf option applies to the Audit Logging overlay. It should appear after the overlay directive.
auditlog <filename>
Specify the fully qualified path for the log file.
olcAuditlogFile <filename>
For use with cn=config
The following LDIF could be used to add this overlay to cn=config (adjust to suit)
dn: olcOverlay=auditlog,olcDatabase={1}hdb,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcAuditLogConfig olcOverlay: auditlog olcAuditlogFile: /tmp/auditlog.ldif
/etc/ldap/slapd.conf
default slapd configuration file
/etc/ldap/slapd.d
default slapd configuration directory