Lightweight Directory Access Protocol (LDAP) has become very popular due to its efficient and fast data access. A large number of applications and services, both currently in use and under development, use an LDAP directory as their centralized data repository.
The LDAP directory stores entries as a tree. Each entry may consist of one or more attribute names and attribute values. An entry may be uniquely identified by its distinguished name (DN) that may include a common name (cn) attribute of the entry and DN of a parent entry.
The contents of the entries are governed by an LDAP directory schema. The schema defines object classes and each entry has an objectClass attribute containing named classes defined in the schema. The objectClass attribute may be multivalued and contain the class “top” as well as some number of other classes. The schema definition for each class an entry belongs to defines what kind of object the entry may represent (e.g., a person, organization or domain). Membership in a particular class gives the entry the option of containing one set of attributes (optional attributes), and the obligation of containing another set of attributes (mandatory or required attributes). For example, an entry representing a person might belong to the class “person.” Membership in the “person” class would require the entry to contain the “sn” and “cn” attributes and allow the entry also to contain “userPassword,” “telephoneNumber” and other attributes.
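The required/optional rule described above can be checked mechanically. The following is an added example, not code from the original text: the schema is a constructed simplification holding only the classes and attributes named above, and `SCHEMA`, `validate_entry` and the sample entries are hypothetical names.

```python
# Constructed, simplified schema: only the classes and attributes named in the text.
SCHEMA = {
    "top": {"must": {"objectClass"}, "may": set()},
    "person": {"must": {"sn", "cn"}, "may": {"userPassword", "telephoneNumber"}},
}

def validate_entry(entry, schema=SCHEMA):
    """Return a list of schema violations for one entry (empty list = valid).

    entry maps attribute name -> list of values; objectClass may be multivalued.
    Names are compared case-insensitively, as LDAP attribute names are.
    """
    values = {name.lower(): vals for name, vals in entry.items() if vals}
    classes = values.get("objectclass", [])
    if not classes:
        return ["entry has no objectClass attribute"]
    known = {name.lower(): d for name, d in schema.items()}
    # objectClass itself is always permitted (assumption of this simplified model).
    must, allowed, problems = set(), {"objectclass"}, []
    for cls in classes:
        d = known.get(cls.lower())
        if d is None:
            problems.append(f"unknown object class: {cls}")
            continue
        # Every class the entry belongs to adds its own obligations and options.
        must |= {a.lower() for a in d["must"]}
        allowed |= {a.lower() for a in d["must"] | d["may"]}
    present = set(values)
    problems += [f"missing required attribute: {a}" for a in sorted(must - present)]
    problems += [f"attribute not allowed by any class: {a}"
                 for a in sorted(present - allowed)]
    return problems

# Constructed sample entries (not taken from any real directory).
VALID = {"objectClass": ["top", "person"], "cn": ["Alice Example"],
         "sn": ["Example"], "telephoneNumber": ["+1 555 0100"]}
MISSING_SN = {"objectClass": ["top", "person"], "cn": ["Bob Example"]}
EXTRA = {"objectClass": ["top", "person"], "cn": ["Carol Example"],
         "sn": ["Example"], "mail": ["carol@example.com"]}

if __name__ == "__main__":
    for name, entry in [("VALID", VALID), ("MISSING_SN", MISSING_SN), ("EXTRA", EXTRA)]:
        print(name, validate_entry(entry) or "ok")
```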
Logs of LDAP servers are stored as flat files. A flat file is a simple data structure in which data is stored as entries in continuous memory space without any hierarchical organization. Entries are stored one after the other in chronological order with a specified order of parameters in each entry. Entries in the log typically include parameters indicating the type of entry, a timestamp and some parameter values associated with the type of entry.
Various components of an LDAP server may each maintain separate logs. Each flat log file is stored in a file directory accessible to the LDAP server and its components. Typical log files that are maintained include an audit log, error log, or access log. These logs cannot be easily searched or navigated due to their organization. Specialized programs must be used to access and manipulate the data from these flat log files. The flat log files are also slow for the system to write to and read from as the file system is slow and the organization of the file offers no assistance in finding or retrieving entries or parameters.