Generating access log summaries
The PingDirectory server provides a convenience tool, summarize-access-log
, that generates a summary of one or more file-based access logs.
About this task
The summary provides analytical metric information that could be useful for administrators. The following metrics are provided in each summary:
-
Total time span covered by the log files
-
Number of connections established and the average rate of new connections per second
-
IP addresses of up to the top 20 of the clients that most frequently connect to the server, the number of connections by each address, and the percentage of connections of each
-
Total number of operations processed, the number of operations of each type, the percentage of each type out of the total number, and the average rate per second for each type of operation
-
Average processing time for all operations and for each type of operation
-
Histogram of the processing times for each type of operation
-
Up to the 20 most common result codes for each type of operation, the number of operations of that type with that result code, and the percentage of operations of that type with that result code
-
Number of unindexed searches processed by the server
-
Breakdown of the scopes used for search operations with the number of percentage of searches with each scope
-
Breakdown of the most common entry counts for search operations with the number and percentage of searches that returned that number of entries
-
Breakdown of the most commonly used filter types for searches with a scope other than base (that is, those searches for which the server uses when processing the filter)
These filters are represented in a generic manner so that any distinct assertion values or substring assertion elements are replaced with question marks and attribute names in all lowercase characters such as
(givenName=John)
would be represented as(givenName=?)
.
Steps
-
Use the
bin/summarize-access-log
with the path to one or more access log files.Example:
$ bin/summarize-access-log /path/to/logs/access
Result:
The system displays the following information.
Examining access log /path/to/logs/access Examined 500 lines in 1 file covering a total duration of 1 day, 22 hours, 57 minutes, 31 seconds Total connections established: 69 (0.000/second) Total disconnects: 69 (0.000/second) Most common client addresses: 127.0.0.1: 61 (88.406) 10.8.1.209: 8 (11.594) Total operations examined: 181 ... (metric for each operation examined) ... Average operation processing duration: 22.727ms Average add operation processing duration: 226.600ms Average bind operation processing duration: 5.721ms Average delete operation processing duration: 77.692ms Average modify operation processing duration: 35.530ms Average search operation processing duration: 4.017ms Count of add operations by processing time: ... (histogram for add operations) ... Count of bind operations by processing time: ... (histogram for bind operations) ... Count of delete operations by processing time: ... (histogram for delete operations) ... Count of modify operations by processing time: ... (histogram for modify operations) ... Count of search operations by processing time: ... (histogram for search operations) ... Most common add operation result codes: success: 11 (84.615%) entry already exists: 2 (15.385%) Most common bind operation result codes: success: 4 (50.000%) invalid credentials: 4 (50.000%) Most common delete operation result codes: success: 1 (100.000%) Most common modify operation result codes: success: 9 (69.231%) no such object: 4 (30.769%) Most common search operation result codes: success: 133 (91.724%) no such object: 12 (8.276%) Number of unindexed searches: 0 Most common search scopes: BASE: 114 (78.621%) SUB: 16 (11.034%) ONE: 15 (10.345%) Most common search entry counts: 1: 119 (82.069%) 0: 17 (11.724%) 2: 5 (3.448%) 10: 4 (2.759%) Most common generic filters for searches with a non-base scope: (objectclass=?): 19 (61.290%) (ds-backend-id=?): 12 (38.710%)