The Access Log records every request received and response returned by the Directory Server. The Access Log stores the IDs for the client connection, operation, the LDAP message involved with each client request, and the server response. The information can be used to debug any problems with a client application by correlating the numeric operation identifier to the client request or response.

The Directory Server supports multiple classes of access log publishers depending on your logging requirements. The following types of access log publishers are available on the system:
  • File-Based Access Log Publishers. Provides a character-based TextWriter stream for outputting log records. There are three subclasses of TextWriter access logs:
    • File-Based Access Logs. Enabled by default. The File-based Access Log publishes access messages to the file system as <server-root>/logs/access. The Failed-Operations Log, Expensive-Operations Log, and the Searches with No Entries Returned Log are specialized types of the File-Based Access Log and shows only specific information necessary for troubleshooting purposes.
    • Admin-Alert Access Logs. Disabled by default. The Admin-Alert Access Log is specialized type of logger that automatically generates administrative alerts for any operations that match a criteria for this access log publisher.
    • Syslog-Based Access Logs. Disabled by default. The Syslog Access Log publishes access messages to a syslogd port.
  • File-Based Audit Logs. Disabled by default. The Audit Log provides detailed information about modifications (writes) processed within the Directory Server. The File-based Audit Log publishes access messages to the file system as <server-root>/logs/audit.
  • JDBC-Based Access Logs. Disabled by default. The JDBC-based Access Log provides information using a JDBC database connection.
  • JDBC-Based Error Logs. Disabled by default. The JDBC-based Error Log provides information using a JDBC database connection.