Enter the following (UNIX) command to see logging information:
ldapsearch -h server1 -s base -b "cn=monitor" "objectclass=*"
The following information is shown:
Server version number
Number of currently active threads used for handling requests
Summary information for each open connection
Number of current connections
Number of connections since the directory server was started
Number of file descriptors available to the directory server
Number of threads waiting to read data from a client
Number of operations the server has started since it was started
Number of operations the server has completed since it was started
Number of entries sent to clients since the server was started
Bytes sent to clients since server start
Current time
GMT (UTC) time the server was started
Number of databases served by this server
Level of thread concurrency
DN of each directory database
Database activity is monitored using a query similar to this one:
ldapsearch -h server1 -s base -b "cn=monitor,cn=your_database_name, cn=ldbm database,cn=plugins,cn=config" "objectclass=*"
The common UNIX tools can help here. First find the process ID of the slapd daemon, then go into the /proc/<slapd_PID> directory. The various files and directories there will give you a pretty good idea of what your server is doing.
If you prefer something more straightforward, use top -p slapd_PID:
17:53:16 up 30 days, 3:15, 5 users, load average: 0.25, 0.14, 0.11
1 processes: 1 sleeping, 0 running, 0 zombie, 0 stopped
CPU states: 0.9% user 0.5% system 0.0% nice 0.0% iowait 98.5% idle
Mem: 497652k av, 491404k used, 6248k free, 0k shrd, 126544k buff
371664k actv, 0k in_d, 10208k in_c
Swap: 1044184k av, 63304k used, 980880k free 211792k cached
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND
1010 ldap 25 0 2964 2116 1084 S 0.0 0.4 0:37 0 slapd
Additionally, information about file descriptors and such may be found in the /var/log/slapd-log file(s).
Lots of tools using the Simple Network Management Protocol are available; check with FreshMeat or SourceForge. Most of the tools use SNMP commands in Perl, shell or other scripts to answer queries from the network.
This supposes that you have an SNMP package installed and an snmpd running and answering queries. If this is not the case, see for instance http://www.net-snmp.org/, formerly known as ucd-snmp (they have Solaris binaries too).
When using net-snmp, you will find that the /etc/snmp/snmpd.conf file that comes with the package is full of examples that are perfectly suited for our purposes. On the most basic level, you can have SNMP report whether your LDAP server is running by including these directives in /etc/snmp/snmpd.conf:
In the “Access Control” section, add this line, which includes the enterprises subtree (.1.3.6.1.4.1) in the systemview view, for faster access (without authentication):
view systemview included .1.3.6.1.4.1
In the “Process Checks” section, add a line containing the name of the process you want to monitor, as it appears in the process list:
proc /usr/sbin/slapd
Using snmpwalk will generate the following output:
userprompt:~> snmpwalk -v 2c localhost -c public .1.3.6.1.4.1.2021.2
UCD-SNMP-MIB::prIndex.1 = INTEGER: 1
UCD-SNMP-MIB::prNames.1 = STRING: /usr/sbin/slapd
UCD-SNMP-MIB::prMin.1 = INTEGER: 0
UCD-SNMP-MIB::prMax.1 = INTEGER: 0
UCD-SNMP-MIB::prCount.1 = INTEGER: 1
UCD-SNMP-MIB::prErrorFlag.1 = INTEGER: 0
UCD-SNMP-MIB::prErrMessage.1 = STRING:
UCD-SNMP-MIB::prErrFix.1 = INTEGER: 0
UCD-SNMP-MIB::prErrFixCmd.1 = STRING:
You will get an error message in the “UCD-SNMP-MIB::prErrMessage.1” container when the daemon is not running.
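The check described above, as an added example that is not part of the original page: a shell function that reads snmpwalk output for the process table and turns prErrorFlag and prErrMessage into an exit status that a cron job or monitoring wrapper can act on. The sample rows and the failure message text are constructed, and the function assumes snmpwalk's default symbolic output format.

```shell
#!/bin/sh
# Added example (not from the original page): evaluate the UCD-SNMP-MIB
# process table (prTable, .1.3.6.1.4.1.2021.2) as printed by snmpwalk.
# Reads snmpwalk text on stdin and prints one line per "proc" entry.
# Exit status: 0 = all rows healthy, 1 = a row has prErrorFlag != 0,
# 2 = no prNames rows seen (agent down, or view does not expose the table).
check_pr_table() {
    awk '
    {
        sep = index($0, " = ")
        if (sep == 0) next
        oid = substr($0, 1, sep - 1); val = substr($0, sep + 3)
        sub(/^.*::/, "", oid)               # leaves e.g. "prErrorFlag.1"
        dot = index(oid, ".")
        if (dot == 0) next
        col = substr(oid, 1, dot - 1); idx = substr(oid, dot + 1)
        sub(/^[A-Za-z]+: ?/, "", val)       # drop "INTEGER: " / "STRING: "
        if (col == "prNames")           { name[idx] = val; order[++n] = idx }
        else if (col == "prErrorFlag")  flag[idx] = val + 0
        else if (col == "prErrMessage") msg[idx] = val
    }
    END {
        if (n == 0) { print "UNKNOWN: no prTable rows in input"; exit 2 }
        for (k = 1; k <= n; k++) {
            i = order[k]
            if (flag[i] != 0) { printf "FAIL %s: %s\n", name[i], msg[i]; rc = 1 }
            else printf "OK %s\n", name[i]
        }
        exit rc + 0
    }'
}

# Constructed sample input: healthy rows as in the output above, and a
# constructed failing row (message text is illustrative, not captured output).
SAMPLE_UP='UCD-SNMP-MIB::prNames.1 = STRING: /usr/sbin/slapd
UCD-SNMP-MIB::prCount.1 = INTEGER: 1
UCD-SNMP-MIB::prErrorFlag.1 = INTEGER: 0
UCD-SNMP-MIB::prErrMessage.1 = STRING: '
SAMPLE_DOWN='UCD-SNMP-MIB::prNames.1 = STRING: /usr/sbin/slapd
UCD-SNMP-MIB::prCount.1 = INTEGER: 0
UCD-SNMP-MIB::prErrorFlag.1 = INTEGER: 1
UCD-SNMP-MIB::prErrMessage.1 = STRING: No /usr/sbin/slapd process running'

printf '%s\n' "$SAMPLE_UP"   | check_pr_table || echo "status $?"
printf '%s\n' "$SAMPLE_DOWN" | check_pr_table || echo "status $?"
```

Against a live agent, pipe the snmpwalk command shown above into check_pr_table; status 2 separates "agent not answering or table not in the view" from "slapd is down".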
Similarly, you can add lines that monitor system load, disk space on your E-mail partition, file size and such. For a more advanced monitoring setup, write scripts that check on network connections, file descriptors and such, and include them in the snmpd.conf file. We included this example for testing that the server is listening on the LDAP port:
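#!/bin/bash
# Report whether any TCP socket is listening on the LDAP port.
LDAP_PORT=$(netstat -a | grep -i listen | grep -i ldap)
# Quote the variable: with an unquoted empty value, [ -n ] is always true.
if [ -n "$LDAP_PORT" ] ; then
    echo "Listening for LDAP connections."
else
    echo "Error: No TCP port listening for LDAP connections!"
fi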
Place the script in your favorite scripting directory, and refer to it in the snmpd.conf file like this:
exec ldapcheck /bin/bash /your_dir/ldapcheck.sh
This script can be executed by issuing the query:
snmpwalk -v 2c <your_ldap_server> -c public .1.3.6.1.4.1.2021.8
If you want to get warnings when things go wrong, you need to trap the SNMP signals. More information about this and more advanced subjects can be found in the man pages that come with the net-snmp package.