Hello everyone, I’m looking for a solution to add the source IP address to all logs generated by slapd. The goal is to be able to identify where all requests are coming from, whether it's authentication, search queries, or entry modifications in the LDAP server.
I would like this IP address to be included in every log entry, regardless of the event being logged, to make it easier to analyze and track actions performed on the server. I know there is a session ID used to track all queries, and this field can be used to find the source IP, but this is not convenient in my case. Basic logs are like this: 2025-02-18T21:19:45.742134+00:00 c4502f9415ba slapd[13]: conn=1001 fd=11 ACCEPT from IP=172.17.0.1:40632 (IP=0.0.0.0:389) 2025-02-18T21:19:45.742880+00:00 c4502f9415ba slapd[13]: conn=1001 op=0 do_bind 2025-02-18T21:19:45.742973+00:00 c4502f9415ba slapd[13]: conn=1001 op=0 BIND dn="" method=128 2025-02-18T21:19:45.743018+00:00 c4502f9415ba slapd[13]: send_ldap_result: conn=1001 op=0 p=3 2025-02-18T21:19:45.744072+00:00 c4502f9415ba slapd[13]: conn=1001 op=0 RESULT tag=97 err=0 qtime=0.000075 etime=0.001256 text= But I want these logs to include the IP in every entry: 2025-02-18T21:19:45.742134+00:00 c4502f9415ba slapd[13]: conn=1001 fd=11 ACCEPT from IP=172.17.0.1:40632 (IP=0.0.0.0:389) 2025-02-18T21:19:45.742880+00:00 c4502f9415ba slapd[13]: conn=1001 op=0 do_bind from IP=172.17.0.1:40632 2025-02-18T21:19:45.742973+00:00 c4502f9415ba slapd[13]: conn=1001 op=0 BIND dn="" method=128 from IP=172.17.0.1:40632 2025-02-18T21:19:45.743018+00:00 c4502f9415ba slapd[13]: send_ldap_result: conn=1001 op=0 p=3 from IP=172.17.0.1:40632 2025-02-18T21:19:45.744072+00:00 c4502f9415ba slapd[13]: conn=1001 op=0 RESULT tag=97 err=0 qtime=0.000075 etime=0.001256 text= from IP=172.17.0.1:40632 If anyone has already implemented this functionality or has any advice on how to configure this in slapd, I would greatly appreciate your feedback. I have tried many slapd and rsyslog configurations, but nothing has worked so far. Thank you in advance for your help! -- _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
