PingDirectory

Access log format

The access log has a standard format that lists various elements identifying the connection and operation occurring within the PingDirectory server.

By default, each operation generates one access log message.

The access log displays the following common properties.

Property Description

Timestamp

Displays the date and time of the operation. Format: DD/Month/ YYYY:HH:MM:SS <offset from UTC time>

Connection Type

Displays the connection type requested by the client and the response by the server. Examples include the following:

  • CONNECT

  • BIND REQUEST/RESULT

  • DISCONNECT

  • SEARCH REQUEST/RESULT

  • MODIFY REQUEST/RESPONSE

  • ABANDON

  • ADD

  • COMPARE

  • DELETE

  • EXTENDED OPERATION

  • MODIFY

  • MODIFY DN

Connection ID

Numeric identifier, starting incrementally with 0, that identifies the client connection that is requesting the operation. The connection ID is unique for a span of time on a single server. Values of the connection ID are re-used when the server restarts or when it has had enough connections to cause the identifier to wrap back to zero.

Operation ID

Numeric identifier, starting incrementally with 0, that identifies the operation. The operation ID is unique for a span of time on a single server. Values of the operation ID are re-used when the server restarts or when it has serviced enough operations to cause the identifier to wrap back to zero.

Result Code

LDAP result code that determines the success or failure of the operation result. Result messages include a result element that indicates whether the operation succeeded or failed, the general category for the failure, and an etime element that indicates the length of time in milliseconds that the server spent processing the operation.

The PingDirectory server provides a useful tool <server-root>/bin/ldap-result-code (UNIX, Linux) or <server-root>\bat\ldap-result-code (Windows), that displays all of the result codes used in the system. You can use the utility if you are not sure what a result code means. For example, use the following:

  • ldap-result-code --list displays all of the defined result codes in the PingDirectory server.

  • ldap-result-code --int-value 16654 displays the name of the result code with a numeric value of 16654.

  • ldap-result-code --search operation displays a list of all result codes whose name includes the substring "operation".

Elapsed Time

Displays the elapsed time (milliseconds) during which the operation completed its processing.

Message ID

Numeric identifier, starting incrementally with 1, that identifies the LDAP message used to request the operation.