Audit log
The audit log is a specialized version of the access log used for troubleshooting problems that could occur in the course of processing.
The audit log records all changes to directory data in LDIF format so that administrators can quickly diagnose the changes an application made to the data or replay the changes to another server for testing purposes.
The audit log does not record authentication attempts but can be used in conjunction with the access log to troubleshoot security-related issues.
The audit log is disabled by default because it reduces the server’s write performance.
By default, if you enable the audit log on the server, the
userPassword
and authPassword
attribute values are obscured. Each value of an obscured attribute is replaced in the audit log with a string of the form "***** OBSCURED VALUE *****"
.
You can unobscure these attributes by deleting them from the
obscure-attribute
property.