The PingDirectory Server provides a mechanism to filter access log messages based on specific criteria.
You can use the filtered log with a custom log publisher to create and generate your own custom logs. Adding new filtered logs and associate publishers doesn't change the behavior of any existing logs. For example, adding a new log that only contains operations that were unsuccessful doesn't result in those operations being removed from the default access log.
The following example shows how to create a set of criteria that matches any operation that didn't complete successfully. It then explains how to create a custom access log publisher that logs only operations matching that criteria.
This log does not include messages for connects or disconnects, and only a single message is logged per operation. This message contains both the request and result details.
To run log filtering based on any operation result, such as result code, processing
time, and response controls, turn off request logging and set the
include-request-details-in-result-messages property to
Because filtering based on the results of an operation can't be done until the operation completes, the server has no idea whether to log the request. Therefore, it might log request messages but not log any result messages. If you can only log result messages and include request details in the result messages, then only messages for operations that match the result criteria are logged. All pertinent information about the corresponding requests are included.
Use the dsconfig command in non-interactive mode to create a
result criteria object set to
failure-result-codes, a predefined set of result codes that indicate when an operation didn't complete successfully.
$ bin/dsconfig create-result-criteria --type simple \ --criteria-name "Failed Operations" --set result-code-criteria:failure-result-codes
Use dsconfig to create the corresponding log publisher that uses
the result criteria.
The log rotation and retention policies are also set with this command.
$ bin/dsconfig create-log-publisher \ --type file-based-access \ --publisher-name "Filtered Failed Operations" \ --set enabled:true \ --set log-connects:false \ --set log-disconnects:false \ --set log-requests:false \ --set "result-criteria:Failed Operations" \ --set log-file:logs/failed-ops.log \ --set include-request-details-in-result-messages:true \ --set "rotation-policy:7 Days Time Limit Rotation Policy" \ --set "retention-policy:Free Disk Space Retention Policy"
- View the failed-ops.log in the logs directory and verify that only information about failed operations was written to it.