search

gardart / ansible-freeipa-lab

Testing environment for FreeIPA identity management (IDM) with Active Directory
MIT License
7 stars 1 forks source link

Centralized Logging #12

Open gardart opened 3 years ago

gardart commented 3 years ago

https://www.freeipa.org/page/Centralized_Logging

Log Gathering and Transport To meet the defined use cases, at least following logs have to be gathered from the FreeIPA server:

/var/log/httpd/error_log: FreeIPA API call logs (and Apache errors)

/var/log/krb5kdc.log: FreeIPA KDC utilization

/var/log/dirsrv/slapd-$REALM/access: Directory Server utilization

/var/log/dirsrv/slapd-$REALM/errors: Directory Server errors (including mentioned replication errors)

/var/log/pki/pki-tomcat/ca/transactions: FreeIPA PKI transactions/logs

FreeIPA client logs:

/var/log/sssd/*.log: SSSD logs (multiple, for all tracked logs)

/var/log/audit/audit.log: user login attempts

/var/log/secure: reasons why user login failed

gardart commented 3 years ago

https://github.com/pschiffe/ipa-log-config