Return-Path: 
 <dev-return-22510-apmail-directory-dev-archive=directory.apache.org@directory.apache.org>
Delivered-To: apmail-directory-dev-archive@www.apache.org
Received: (qmail 94439 invoked from network); 14 Nov 2007 17:35:50 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 14 Nov 2007 17:35:50 -0000
Received: (qmail 42701 invoked by uid 500); 14 Nov 2007 17:35:37 -0000
Delivered-To: apmail-directory-dev-archive@directory.apache.org
Received: (qmail 42655 invoked by uid 500); 14 Nov 2007 17:35:37 -0000
Mailing-List: contact dev-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@directory.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@directory.apache.org>
List-Post: <mailto:dev@directory.apache.org>
List-Id: <dev.directory.apache.org>
Reply-To: "Apache Directory Developers List" <dev@directory.apache.org>
Delivered-To: mailing list dev@directory.apache.org
Received: (qmail 42644 invoked by uid 99); 14 Nov 2007 17:35:37 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Nov 2007 09:35:37 -0800
X-ASF-Spam-Status: No, hits=1.2 required=10.0
	tests=SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: local policy)
Received: from [66.221.212.168] (HELO highlandsun.propagation.net)
 (66.221.212.168)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Nov 2007 17:35:24 +0000
Received: from [127.0.0.1] (highlandsun.com [66.221.212.169])
	by highlandsun.propagation.net (8.13.3/8.13.3) with ESMTP id lAEHZ8Q8003982
	for <dev@directory.apache.org>; Wed, 14 Nov 2007 11:35:09 -0600
Message-ID: <473B3132.9090507@symas.com>
Date: Wed, 14 Nov 2007 09:32:34 -0800
From: Howard Chu <hyc@symas.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686;
 rv:1.9b2pre) Gecko/2007111122 SeaMonkey/2.0a1pre
MIME-Version: 1.0
To: dev@directory.apache.org
Subject: [ApacheDS] Change log ietf draft
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked by ClamAV on apache.org

> This is really not a change log draft. It goes beyond and logs any LDAP
> operation. More to come soon..

Right, it's a superset of a change log. It can be used solely as a change log 
if desired. The OpenLDAP implementation lets you choose which specific types 
of operation to log as well as classes of ops (reads, writes, etc.). The 
delta-syncrepl implementation in OpenLDAP relies on it as a change log, but 
some sites use it to log everything.

I think the motivation is already explained in the doc - LDAP is the hammer, 
everything else is a nail; there's no need to use multiple protocols to 
administer all the servers in an enterprise when LDAP will do it all 
conveniently and securely.

It's been pointed out to me that this isn't currently a complete replacement 
for syslog; it doesn't record events that are not directly associated with 
LDAP operations. E.g. connection accept() and close() events are missing, nor 
does it log spontaneously generated errors. That hasn't been a big issue so far.

> On 9/29/07, Alex Karasulu <akarasulu@apache.org> wrote:
>>
>> Hi,
>>
>> Howard just pointed me over to the following closely related draft here:
>>
>>    http://www.highlandsun.com/hyc/drafts/draft-chu-ldap-logschema-xx.html
>>
>> Thoughts?
>>
>> Alex
>>

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/