For one of my customers I had to analyse the log files of Oracle Unified Directory from time to time. In particular the access log file. During my research I came across the MOS note 2042620.1 and the Access Log Parsing System or short ALPS. ALPS is a small and handy tool to analyse OUD and OUDSEE access logs. Written in Java it does run an a couple of different environments. The requirements to run it are rather simple. Just make sure you still have Java 8. 🙂
A few features:
- Graphical dashboard providing an overview of LDAP operations, connections, operations per seconds and elapsed times.
- Information on connection with longest etimes
- Analysis of LDAP operationen e.g. operations over time, most frequent search base, filters, attributes and more.
- Connections and client adresses.
- Overview of the result codes that occurred.
- Log reader to browse through the logfiles.
- Log replay
- Load of individual log files, zip archives or entire log directories. Loading multiple access log files allows to simultaneous analysis of access logs from replicated OUD instances. Although this is some kind of a workaround.
The following print screen does show an ALPS dashboard. The access log has been taken from my OUD EUS AD proxy instance, which I did used during my TechEvent presentation on OUD and EUS. Not really a heavily loaded OUD instance.
An other view of the LDAP operations around 09:30. The time I’ve rund the demo and created the instance 🙂
In the context of OUD 12c there are currently some limitations. Oracle changed the default log publisher to the Oracle Loggers using the ODL format. ALPS can not yet handle the new format. If you plan to analyse OUD access or admin logs you still have to use the legacy log publishers. Beside this, a small info message can cause, that your log’s are not recognised by ALPS. OUD 12c add’s the following info to the header of new log files.
This logger has been deprecated. Recommended to use Oracle Loggers [14/Sep/2018:09:28:23 +0000] CONNECT CONN_POOL conn=0 protocol=LDAP extension=proxy1 from=te2018_oud.postgasse.org/172.17.0.4 to=mneme.postgasse.org/192.168.56.70 s_conn=0 ...
Just remove the line starting with This logger has been deprecated...
and ALPS is fine again. Beside fixing this issue, I do have a couple of more wishes for the next release of ALPS.
- Officially support for new ODL format log files.
- Support for log files from different sources. e.g. from multiple OUD instance in an replicated environment. The current version of ALPS allows to load multiple files, but there is no possibility to distinct the log file source.
Using ALPS to analysis OUD or ODSEE access logs will help to reduce you’re workload, so you have time to enjoy the real alps.
Been searching for some information around OUD logging (eg what’s logged, what the format is in access, admin, errors, replication logs), but haven’t stumbled across any good resource (not even on oracle sites). Do you know of a good reference somewhere of OUD logging including:
1) What is logged by default
2) What other logging can be enabled
3) A list of all events that log and a schema or example of them
4) Any information at all about OUD logging
Hi
I while ago I did look for similar information but I’ve just been partially successful.
OUD 11g did use the access and error logs which are in a similar format as other LDAP logs and readable by ALPS. OUD 12c start to use Oracle Diagnostic Logging format.
And a few information more
Managing Log Files and Diagnostic Data