Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 8. Getting Directory Server access log using the command line

The logconv.pl command analyzes Directory Server access logs, extracts usage statistics, and counts occurrences of significant events specified on the command line. The logconv.pl command prints a list of total operations, total number of connections, counts per each operation type, counts for some extended operations like persistent searches, and bind information.

The logconv.pl command has the following syntax: 

logconv.pl/path/to/accesslog
Copy to Clipboard Toggle word wrap

To analyze multiple access log files, you can use the following format with an asterisk (*): 

logconv.pl /var/log/dirsrv/slapd-instance_name/access*
Copy to Clipboard Toggle word wrap

The logconv.pl command generates following three types of statistics that are useful for monitoring the Directory Server and optimizing Directory Server configuration:

  • Counts of events, such as total binds and total searches performed.
  • Lists of the most frequently occurring parameters in LDAP requests. For example, the logconv.pl command generates lists of the top ten bind DNs, base DNs, filter strings, and attributes returned.
  • Counts of occurrences for error codes such as those defined in ldap.h.

The logconv.pl command analyzes Directory Server access logs and extracts usage statistics and counts occurrences of significant events.

The logconv.pl takes following options:

  • -S: specifies the time to begin the log file analysis.
  • -E: specifies the time to stop the log files analysis.
  • -bc: generates a report based on the number of DNs used to connect to the server and the total connection codes the server returns.
  • -m: generates output data per second (-m) to a specified CSV output file.
  • -M: generates output data with counts per minute (-M) to a specified CSV output file.

Procedure

  • To generate a simple access log summary, run the following command: 

    # logconv.pl /var/log/dirsrv/slapd-instance_name/access

Access Log Analyzer 8.2
Command: logconv.pl /var/log/dirsrv/slapd-instance_name/access
Processing 1 Access Log(s)...

[001] /var/log/dirsrv/slapd-instance_name/access size(bytes):77532

Total Log Lines Analysed:  527
Start of Logs:    14/Oct/2017:16:15:22.452909568
End of Logs:      14/Oct/2017:16:39:50.157790196

Processed Log Time:  0 Hours, 24 Minutes, 27.704877056 Seconds

Restarts:                     10
Secure Protocol Versions:
 - TLS1.2 client bound as uid=user_name,ou=people,o=example.com (11 connections)
 - TLS1.2 128-bit AES; client CN=CA Subsystem,O=example.com; issuer CN=Certificate Authority,O=example.com (11 connections)
 - TLS1.2 128-bit AES-GCM (2 connections)
 - TLS1.2 128-bit AES (3 connections)

Peak Concurrent Connections:  38
Total Operations:             4771
Total Results:                4653
Overall Performance:          97.5%

Total Connections:            249          (0.17/sec)  (10.18/min)
 - LDAP Connections:          107          (0.07/sec)  (4.37/min)
 - LDAPI Connections:         128          (0.09/sec)  (5.23/min)
 - LDAPS Connections:         14           (0.01/sec)  (0.57/min)
 - StartTLS Extended Ops:     2            (0.00/sec)  (0.08/min)

Searches:                     2963         (2.02/sec)  (121.13/min)
Modifications:                649          (0.44/sec)  (26.53/min)
Adds:                         785          (0.53/sec)  (32.09/min)
Deletes:                      10           (0.01/sec)  (0.41/min)
Mod RDNs:                     6            (0.00/sec)  (0.25/min)
Compares:                     0            (0.00/sec)  (0.00/min)
Binds:                        324          (0.22/sec)  (13.25/min)

Proxied Auth Operations:      0
Persistent Searches:          17
Internal Operations:          0
Entry Operations:             0
Extended Operations:          4
Abandoned Requests:           0
Smart Referrals Received:     0

VLV Operations:               30
VLV Unindexed Searches:       0
VLV Unindexed Components:     20
SORT Operations:              22

Entire Search Base Queries:   12
Paged Searches:               2
Unindexed Searches:           0
Unindexed Components:         149

FDs Taken:                    249
FDs Returned:                 212
Highest FD Taken:             107

Broken Pipes:                 0
Connections Reset By Peer:    0
Resource Unavailable:         0
Max BER Size Exceeded:        0

Binds:                        324
Unbinds:                      155
---------------------------------
 - LDAP v2 Binds:             41
 - LDAP v3 Binds:             180
 - AUTOBINDs(LDAPI):          103
 - SSL Client Binds:          0
 - Failed SSL Client Binds:   0
 - SASL Binds:                134
   - EXTERNAL: 114
   - GSSAPI: 20
 - Directory Manager Binds:   10
 - Anonymous Binds:           1

Cleaning up temp files...
Done.
    Copy to Clipboard Toggle word wrap

    The logconv.pl script prints a list of total operations, total number of connections, counts per each operation type, counts for some extended operations like persistent searches, and bind information.

    • Optional: If you must enable additional connection summaries passed as a single option, such as the number of DNs used to connect to the server (b) and the total connection codes the server (c) returns, specify the -bc option as follows: 

      # lotgconv.pl -bc /var/log/dirsrv/slapd-instance_name/access

----- Total Connection Codes -----
U1              3    Cleanly Closed Connections
B1              1    Bad Ber Tag Encountered

----- Top 20 Bind DN's -----
Number of Unique Bind DN's: 212
1801            cn=Directory Manager
1297            Anonymous Binds
311              uid=jsmith,ou=people...
87               uid=bjensen,ou=peopl...
85               uid=mreynolds,ou=peo...
69               uid=jrockford,ou=peo...
55               uid=sspencer,ou=peop...
      Copy to Clipboard Toggle word wrap

    • Optional: If you must enable data output for a certain start (-S) and end time (-E) or within a specific range, run the following command 

      # logconv.pl -S "[01/Jul/2022:16:11:47.000000000 -0400]" -E "[01/Jul/2022:17:23:08.999999999 -0400]" /var/log/dirsrv/slapd-instance_name/access
...
----------- Access Log Output ------------

Start of Logs:    01/Jul/2022:16:11:47
End of Logs:      01/Jul/2022:17:23:08
      Copy to Clipboard Toggle word wrap

      When start and end times are set, the logconv.pl command first prints the time range given, then the summary for that period.

    • Optional: If you must enable data output with counts per minute (-M) or per second (-m), run the following command: 

      # logconv.pl -m|-M outputFile accessLogFile
      Copy to Clipboard Toggle word wrap
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2026 Red Hat