PingDirectory

Logging Tools

The PingDirectory server provides tools that can be used to access content in access and error log files.

search-logs

Use the search-logs tool to search for content in log files. This tool provides grep-like support for searching log files, but it offers the a number of additional benefits, including:

  • It can automatically trace backward through rotated log files to find matching records in older log files.

  • It supports searching log files that are compressed and encrypted.

  • It can handle multi-line messages.

  • It allows you to specify start and end times for the messages to match.

summarize-access-log

Use the summarize-access-log tool to examine one or more access log files and produce a plain-text report of the log data that they contain. The output can include:

  • The length of time covered by the log files that were examined

  • The number of connections that were established and disconnected

  • The addresses of the clients that most frequently connected to the server

  • The average rate of connects and disconnects per second

  • The most common TLS protocols and cipher suites

  • The number of operations processed, both overall and by operation type

  • The average rate of operations processed per second, both overall and by operation type

  • The average duration of operations processed, both overall and by operation type

  • The breakdown of operation processing times into sets of predefined buckets, ranging from less than one millisecond to over one minute

  • A breakdown of the most common result codes for each type of operation and their relative frequencies

  • The most common authentication mechanisms

  • The most common bind distinguished names (DNs) for successful and failed bind attempts

  • The most common types of extended operations processed and their relative frequencies

  • The number of unindexed search operations processed and the most common types of filters used when processing unindexed searches

  • The most common base DNs for searches with non-baseObject scopes

  • The relative frequencies for each search scope

  • The most common types of search filters used and their relative frequencies

  • The most common types of filters for searches returning zero, one, and multiple entries

  • Filters used for searches that took the longest to complete

The summarize-access-log tool supports operating on log files that are compressed and encrypted. It also attempts to anonymize sensitive information in the output by replacing attribute values with placeholders.