--- title: Logging tools description: The PingDirectory server provides tools that can be used to access content in access and error log files. component: pingdirectory version: 11.0 page_id: pingdirectory:pingdirectory_security_guide:pd_sec_logging_tools canonical_url: https://docs.pingidentity.com/pingdirectory/11.0/pingdirectory_security_guide/pd_sec_logging_tools.html revdate: September 13, 2023 section_ids: search-logs: search-logs summarize-access-log: summarize-access-log --- # Logging tools The PingDirectory server provides tools that can be used to access content in access and error log files. ## `search-logs` Use the `search-logs` tool to search for content in log files. This tool provides grep-like support for searching log files, but it offers several additional benefits, including: * It can automatically trace backward through rotated log files to find matching records in older log files. * It supports searching log files that are compressed and encrypted. * It can handle multi-line messages. * It allows you to specify start and end times for the messages to match. ## `summarize-access-log` Use the `summarize-access-log` tool to examine one or more access log files and produce a plain-text report of the log data that they contain. The output can include: * The length of time covered by the log files that were examined * The number of connections that were established and disconnected * The addresses of the clients that most frequently connected to the server * The average rate of connects and disconnects per second * The most common TLS protocols and cipher suites * The number of operations processed, both overall and by operation type * The average rate of operations processed per second, both overall and by operation type * The average duration of operations processed, both overall and by operation type * The breakdown of operation processing times into sets of predefined buckets, ranging from less than one millisecond to over one minute * A breakdown of the most common result codes for each type of operation and their relative frequencies * The most common authentication mechanisms * The most common bind distinguished names (DNs) for successful and failed bind attempts * The most common types of extended operations processed and their relative frequencies * The number of unindexed search operations processed and the most common types of filters used when processing unindexed searches * The most common base DNs for searches with non-baseObject scopes * The relative frequencies for each search scope * The most common types of search filters used and their relative frequencies * The most common types of filters for searches returning zero, one, and multiple entries * Filters used for searches that took the longest to complete The `summarize-access-log` tool supports operating on log files that are compressed and encrypted. It also attempts to anonymize sensitive information in the output by replacing attribute values with placeholders.