Hi all,
I'm working with a sample log snippet below.
The overall goal is to get stats about long-running operations. I am trying to display the etime, bind_id, conn, and the search_filter for any operation that takes longer than 20 seconds (etime>20).
I've tried using "transaction" with conn but I do not know how to manipulate the data afterwards.
I am trying to get an output that looks similar to,
conn bind_id search_filter etime
65110583 "uid=hello,o=test" "(uid=abc*)" 165
::Log snippet::
2019-10-15T08:20:06+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:20:05 -0400] conn=65110583 op=-1 msgId=-1 - connection from 10.10.10.10:1234 to 10.10.10.15
2019-10-15T08:20:06+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:20:05 -0400] conn=65110583 op=0 msgId=1 - BIND dn="uid=hello,o=test"
2019-10-15T08:20:06+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:20:05 -0400] conn=65110583 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=hello,o=test"
2019-10-15T08:20:06+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:20:06 -0400] conn=65110583 op=1 msgId=2 - SRCH base="ou=everyone,o=test" scope=2 filter="(uid=abc*)" attrs="cn"
2019-10-15T08:20:10+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:20:08 -0400] conn=65110583 op=1 msgId=2 - SORT uid (269746)
2019-10-15T08:23:01+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:22:51 -0400] conn=65110583 op=1 msgId=2 - RESULT err=0 tag=101 nentries=269746 etime=165 notes=U
2019-10-15T08:28:42+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:28:34 -0400] conn=65110583 op=2 msgId=3 - UNBIND
2019-10-15T08:28:42+00:00 serverABC ACCESSLOG[15/Oct/2019]: 04:28:34 -0400] conn=65110583 op=2 msgId=-1 - closing from 10.10.10.10:1234 - U1 - Connection closed by unbind client -
Thank you.
... View more