If your applications use the outputs of access log publishers to trigger workflow responses, you can enrich those logs with connection information related to bind, search, and modify access requests. To add this connection information, enable the include-connection-details-in-request-messages configuration property for existing and new file-based access log publishers.

Note:

The include-connection-details-in-request-messages property is disabled by default. The property supports only file-based-access and json-access type file-based access log publishers.

When you enable the include-connection-details-in-request-messages property, the log messages for request-based connection types include the following information:

  • Client IP address
  • Client port (LDAP connections only)
  • PingDirectory server IP address
  • PingDirectory server port (LDAP connections only)
  • Communication protocol
  • Enable the include-connection-details-in-request-messages property for a file-based access log publisher of type file-based-access or json-access.
    • Enable the property in an existing log publisher. For example:
      $ bin/dsconfig set-log-publisher-prop \
        --publisher-name "Test JSON Access Log Publisher" \
        --set include-connection-details-in-request-messages:true
      Note:

      You can disable include-connection-details-in-request-messages by setting it to false.

    • Create a new log publisher with the property enabled. For example:
      $ bin/dsconfig create-log-publisher \
        --publisher-name "Test Writer Access Log Publisher" \
        --type file-based-access \
        --set enabled:true \
        --set log-connects:true \
        --set log-disconnects:true \
        --set log-security-negotiation:true \
        --set log-requests:true \
        --set log-file:logs/testaccess.log \
        --set include-extended-search-request-details:true \
        --set include-requester-ip-address:true \
        --set include-requester-dn:true \
        --set include-request-controls:true \
        --set include-response-controls:true \
        --set "rotation-policy:24 Hours Time Limit Rotation Policy" \
        --set "rotation-policy:Size Limit Rotation Policy" \
        --set "retention-policy:File Count Retention Policy" \
        --set include-connection-details-in-request-messages:true