How to purge ldap accesslog
Modify ldap accesslog Purge Duration
How to modify ldap accesslog purge duration
olcAccessLogPurge attribute is required to modify. In this attribute specifies the maximum age for log entries to be retained in the database, and how often to scan the database for old entries.
This attribute exist in "/opt/zimbra/data/ldap/config/cn\=config/olcDatabase\=\{3\}mdb/olcOverlay\=\{1\}accesslog.ldif" file on ldap master.
Explanation
Default value in zimbra of olcAccessLogPurge attribute is "01+00:00 00+04:00"
This means log database should be scanned every four hours for old entries, and entries older than one day should be deleted. Both the age and interval are specified as a time span in days, hours, minutes, and seconds.
The format of olcAccessLogPurge is [ddd+]hh:mm[:ss] i.e., the days and seconds components are optional, but hours and minutes are required.
So "01+00:00" is age and "00+04:00" is interval.
Procedure to modify attribute
- To modify ldap config, it is mandatory to have a ldap config backup. To export ldap configuration database:
/opt/zimbra/libexec/zmslapcat -c /tmp
- For example, requirement is to accesslog database should be scanned every two hours for old entries, and entries older than four hours should be deleted.
su - zimbra
ldapmodify -x -H ldapi:/// -D cn=config -w `zmlocalconfig -s -m nokey ldap_root_password` <<EOF dn: olcOverlay={1}accesslog,olcDatabase={3}mdb,cn=config changetype:modify replace: olcAccessLogPurge olcAccessLogPurge: 00+04:00 00+02:00 EOF
- Restart LDAP
ldap restart
Submitted by: Navdeep Mathur |