Directory Services 7.4.2

JSON File Based Access Log Publisher

JSON File Based Access Log Publishers publish access messages to JSON files.

Parent

The JSON File Based Access Log Publisher object inherits from Common Audit Access Log Publisher.

Dependencies

JSON File Based Access Log Publishers depend on the following objects:

JSON File Based Access Log Publisher properties

You can use configuration expressions to set property values at startup time. For details, see Property value substitution.

Basic Properties Advanced Properties

enabled
filtering-policy
log-controls
log-directory
log-field-blacklist
log-file-name-prefix
retention-policy
rotation-policy

exclude-values-of-attributes
include-values-of-attributes
java-class
log-modified-attribute-values
suppress-internal-operations
suppress-synchronization-operations

Basic properties

Use the --advanced option to access advanced properties.

enabled

Synopsis

Indicates whether the Log Publisher is enabled for use.

Default value

None

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

filtering-policy

Synopsis

Specifies how filtering criteria should be applied to log records.

Default value

no-filtering

Allowed values

  • exclusive: Records must not match any of the filtering criteria in order to be logged.

  • inclusive: Records must match at least one of the filtering criteria in order to be logged.

  • no-filtering: No filtering will be performed, and all records will be logged.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

log-controls

Synopsis

Specifies whether controls with criticality and values will be included in operation log records.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

log-directory

Synopsis

The directory to use for the log files generated by the JSON File Based Access Log Publisher. The path to the directory is relative to the server root.

Default value

logs

Allowed values

A path to an existing directory that is readable and writable by the server.

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

log-field-blacklist

Synopsis

List of fields that the server omits from access log messages.

Description

Valid values for this property are JSON paths for fields present in the log file.

Default value

No message elements are blacklisted by default

Allowed values

A JSON path to an existing object of the access event definition.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

log-file-name-prefix

Synopsis

File name prefix (without extension) for CSV and JSON file based access log publishers.

Default value

ldap-access

Allowed values

A string.

Multi-valued

No

Required

No

Admin action required

The object must be disabled and re-enabled for changes to take effect.

Advanced

No

Read-only

No

retention-policy

Synopsis

The retention policy to use for the JSON File Based Access Log Publisher.

Description

When multiple policies are used, log files are cleaned when any of the policy’s conditions are met.

Default value

No retention policy is used and log files are never cleaned.

Allowed values

The name of an existing log-retention-policy.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

rotation-policy

Synopsis

The rotation policy to use for the JSON File Based Access Log Publisher.

Description

When multiple policies are used, rotation will occur if any policy’s conditions are met.

Default value

No rotation policy is used and log rotation will not occur.

Allowed values

The name of an existing log-rotation-policy.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

No

Read-only

No

Advanced properties

Use the --advanced option to access advanced properties.

exclude-values-of-attributes

Synopsis

Attributes types targeted by a modify operation for which the modified values should be omitted from the access log.

Default value

None

Allowed values

The name of an attribute type defined in the LDAP schema.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

include-values-of-attributes

Synopsis

Attributes types targeted by a modify operation for which the modified values should be included in the access log.

Default value

None

Allowed values

The name of an attribute type defined in the LDAP schema.

Multi-valued

Yes

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

java-class

Synopsis

The fully-qualified name of the Java class that provides the JSON File Based Access Log Publisher implementation.

Default value

org.opends.server.loggers.JsonFileAccessLogPublisher

Allowed values

A Java class that extends or implements:

  • org.opends.server.loggers.LogPublisher

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

Yes

Read-only

No

log-modified-attribute-values

Synopsis

The access log contains the values of attributes targeted by a modify operation.

Default value

false

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

suppress-internal-operations

Synopsis

Indicates whether internal operations (for example, operations that are initiated by plugins) should be logged along with the operations that are requested by users.

Default value

true

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No

suppress-synchronization-operations

Synopsis

Indicates whether access messages that are generated by synchronization operations should be suppressed.

Default value

false

Allowed values

true

false

Multi-valued

No

Required

No

Admin action required

None

Advanced

Yes

Read-only

No