Openldap Logging and Debugging Levels
Using Debug Logging
Debug logging is useful for troubleshooting slapd issues, especially at startup where regular slapd logging via syslog loses important information.
When running in debug mode, log output is printed to stderr instead of writing to the log file via syslog
Starting/stopping in Debug Mode
To run in debug mode, slapd must be started from the command line with the “-d <Debug Level>” option.
# Starting in debug mode from the command line
/opt/symas/lib/slapd -f /opt/symas/etc/openldap/slapd.conf -h "ldap:///" -d <Debug Level>
-or-
/opt/symas/lib/slapd -F /opt/symas/etc/openldap/slapd.d -h "ldap:///" -d <Debug Level>Slapd will run for as long as the terminal session is alive.
To stop slapd, enter Ctrl-C.
For more options on starting slapd from the command line, see the slapd man page.
Debug Levels
There are many logging levels for different purposes. Log levels may be configured using their names, as integer values or as hex values.
When setting log levels using names on the command line, define them as a comma separated list:
/opt/symas/lib/slapd -h "ldap:///" -d sync,statsWhen setting log levels using integer or hex values, add the values together:
# Using levels stats (256) and sync (16384) as integers /opt/symas/lib/slapd -h "ldap:///" -d 16640 # Using hex values: levels stats (0x100) and sync (0x4000) /opt/symas/lib/slapd -h "ldap:///" -d 0x4100
Debugging levels:
| Name | Int. | Hex | Description |
|---|---|---|---|
| any | -1 | Enables logging at all levels | |
| none | 0 | No logging occurs | |
| trace | 1 | 0x1 | Trace function calls |
| packets | 2 | 0x2 | Debug packet handling |
| args | 4 | 0x4 | Heavy trace debugging (function args) |
| conns | 8 | 0x8 | Connection management |
| BER | 16 | 0x10 | Print out packets sent and received |
| filter | 32 | 0x20 | Search filter processing |
| config | 64 | 0x40 | Configuration file processing |
| ACL | 128 | 0x80 | Access control list processing |
| stats | 256 | 0x100 | Connections, LDAP operations, results (recommended) |
| stats2 | 512 | 0x200 | Stats log entries sent |
| shell | 1024 | 0x400 | Print communication with shell backends |
| parse | 2048 | 0x800 | Entry parsing |
| sync | 16384 | 0x4000 | LDAPSync replication |
| none | 3278 | 0x8000 | Only messages that get logged whatever log level is set |
Saving Debug Output
When running in debug mode, all debug messages are printed to stderr in the terminal. To save the messages, redirect stderr to a file. When redirecting, no log output will be seen in the terminal:
/opt/symas/lib/slapd -h "ldap:///" -d 16640 > logfile.txt 2>&1If you want to watch the debug messages on the terminal and save the messages to a file, use the tee command:
/opt/symas/lib/slapd -h "ldap:///" -d 16640 2>&1 | tee logfile.txt