The PingDirectory server is preconfigured with an audit log instance that can be used to help replay or revert changes if the need arises. This is the data recovery log, and the log files are written into the logs/data-recovery directory.
The log files are compressed, and they are also encrypted if data encryption is enabled in the server. The logger is configured to use reversible form, so the log can be used to revert changes as well as to replay them. The server is configured to keep the data recovery log files for up to one week or up to ten gigabytes of disk space.
The server also provides an
tool to use in conjunction with this log. It offers a wide variety of arguments that can
be used to identify which changes to extract, and it generates an LDIF file with the
extracted changes. The changes can be exported in a form that allows them to be
replayed, or they can be exported in a form that allows them to be reverted.
Some of the things that can be used to identify the changes to extract from the data recovery log are:
- The time that the changes were processed
- The operation types (add, delete, modify and modify distinguished name (DN)) for the changes to extract
- The connection ID for the connection on which the changes were requested
- The identity of the user that requested the changes
- The location of the changes in the DIT
- The content of the change
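
To show why a reversible form is needed before a change can be reverted, here is an added Python sketch (not PingDirectory code and not the server's extraction tool) that inverts a standard LDIF modify change record. The sample record is constructed, and the sketch assumes unfolded, non-base64 LDIF; it does not reproduce the layout of the data recovery log files.

```python
# Added illustration, not PingDirectory code. SAMPLE is a constructed record.
SAMPLE = """\
dn: uid=jdoe,ou=People,dc=example,dc=com
changetype: modify
delete: mail
mail: jdoe@example.com
-
add: mail
mail: john.doe@example.com
-
add: description
description: contractor
-
"""

def parse_modify(record):
    """Parse one LDIF modify record into (dn, [(op, attr, [values])])."""
    lines = [l for l in record.strip().splitlines() if not l.startswith("#")]
    dn = lines[0].split(": ", 1)[1]
    if lines[1] != "changetype: modify":
        raise ValueError("only modify records are handled in this sketch")
    mods, block = [], []
    for line in lines[2:] + ["-"]:      # tolerate a missing final "-"
        if line != "-":
            block.append(line)
        elif block:
            op, attr = block[0].split(": ", 1)
            mods.append((op, attr, [v.split(": ", 1)[1] for v in block[1:]]))
            block = []
    return dn, mods

def revert_modify(record):
    """Return an LDIF modify record that undoes `record`."""
    dn, mods = parse_modify(record)
    inverse = {"add": "delete", "delete": "add"}
    out = [f"dn: {dn}", "changetype: modify"]
    # Undo the modifications in reverse order, swapping add and delete.
    for op, attr, values in reversed(mods):
        if op not in inverse or not values:
            # "replace" and a valueless "delete" do not carry the prior
            # values, so the record alone cannot be inverted.
            raise ValueError(f"'{op}: {attr}' is not reversible")
        out.append(f"{inverse[op]}: {attr}")
        out += [f"{attr}: {v}" for v in values]
        out.append("-")
    return "\n".join(out) + "\n"
```

Reverting the reverted record yields the original again, while a record that uses `replace` raises an error because the values it overwrote are not present in the record.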