You can add connection information to request-type log messages for file-based access
log publishers of type file-based-access
or
json-access
.
If your applications use the outputs of access log publishers to trigger workflow responses,
you can enrich those logs with connection information related to bind, search, and
modify access requests. To add this connection information, enable the
include-connection-details-in-request-messages
configuration
property for existing and new file-based access log publishers.
The include-connection-details-in-request-messages
property is disabled by
default. The property supports only file-based-access
and
json-access
type file-based access log publishers.
When you enable the include-connection-details-in-request-messages
property,
the log messages for request-based connection types include the following
information:
- Client IP address
- Client port (LDAP connections only)
- PingDirectory server IP address
- PingDirectory server port (LDAP connections only)
- Communication protocol
-
Enable the
include-connection-details-in-request-messages
property for a file-based access log publisher of typefile-based-access
orjson-access
.- Enable the property in an existing log publisher. For
example:
$ bin/dsconfig set-log-publisher-prop \ --publisher-name "Test JSON Access Log Publisher" \ --set include-connection-details-in-request-messages:true
Note:You can disable
include-connection-details-in-request-messages
by setting it tofalse
. - Create a new log publisher with the property enabled. For
example:
$ bin/dsconfig create-log-publisher \ --publisher-name "Test Writer Access Log Publisher" \ --type file-based-access \ --set enabled:true \ --set log-connects:true \ --set log-disconnects:true \ --set log-security-negotiation:true \ --set log-requests:true \ --set log-file:logs/testaccess.log \ --set include-extended-search-request-details:true \ --set include-requester-ip-address:true \ --set include-requester-dn:true \ --set include-request-controls:true \ --set include-response-controls:true \ --set "rotation-policy:24 Hours Time Limit Rotation Policy" \ --set "rotation-policy:Size Limit Rotation Policy" \ --set "retention-policy:File Count Retention Policy" \ --set include-connection-details-in-request-messages:true
- Enable the property in an existing log publisher. For
example: