dsconfig create-access-log-filtering-criteria — Creates Access Log Filtering Criteria
dsconfig create-access-log-filtering-criteria
{options}
The dsconfig create-access-log-filtering-criteria command takes the following options:
--publisher-name {name}
The name of the Access Log Publisher.
Access Log Filtering Criteria properties depend on the Access Log Filtering Criteria type, which depends on the {name} you provide.
By default, OpenDJ directory server supports the following Access Log Filtering Criteria types:
Default {name}: Access Log Filtering Criteria
Enabled by default: false
See the section called “Access Log Filtering Criteria” for the properties of this Access Log Filtering Criteria type.
--criteria-name {name}
The name of the new Access Log Filtering Criteria.
Access Log Filtering Criteria properties depend on the Access Log Filtering Criteria type, which depends on the {name} you provide.
By default, OpenDJ directory server supports the following Access Log Filtering Criteria types:
Default {name}: Access Log Filtering Criteria
Enabled by default: false
See the section called “Access Log Filtering Criteria” for the properties of this Access Log Filtering Criteria type.
--set {PROP:VALUE}
Assigns a value to a property where PROP is the name of the property and VALUE is the single value to be assigned. Specify the same property multiple times in order to assign more than one value to it.
Access Log Filtering Criteria properties depend on the Access Log Filtering Criteria type, which depends on the --criteria-name {name}
option.
Access Log Filtering Criteria of type access-log-filtering-criteria have the following properties:
Filters log records associated with connections which match at least one of the specified client host names or address masks. Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask.
None
An IP address mask
Yes
No
None
No
No
Filters log records associated with connections which do not match any of the specified client host names or address masks. Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask.
None
An IP address mask
Yes
No
None
No
No
Filters log records associated with connections to any of the specified listener port numbers.
None
An integer value. Lower value is 1. Upper value is 65535.
Yes
No
None
No
No
Filters log records associated with connections which match any of the specified protocols. Typical values include "ldap", "ldaps", or "jmx".
None
The protocol name as reported in the access log.
Yes
No
None
No
No
Filters log records based on their type.
None
Abandon operations
Add operations
Bind operations
Compare operations
Client connections
Delete operations
Client disconnections
Extended operations
Modify operations
Rename operations
Search operations
Unbind operations
Yes
No
None
No
No
Filters operation log records associated with operations which target entries matching at least one of the specified DN patterns. Valid DN filters are strings composed of zero or more wildcards. A double wildcard ** replaces one or more RDN components (as in uid=dmiller,**,dc=example,dc=com). A simple wildcard * replaces either a whole RDN, or a whole type, or a value substring (as in uid=bj*,ou=people,dc=example,dc=com).
None
A String
Yes
No
None
No
No
Filters operation log records associated with operations which target entries matching none of the specified DN patterns. Valid DN filters are strings composed of zero or more wildcards. A double wildcard ** replaces one or more RDN components (as in uid=dmiller,**,dc=example,dc=com). A simple wildcard * replaces either a whole RDN, or a whole type, or a value substring (as in uid=bj*,ou=people,dc=example,dc=com).
None
A String
Yes
No
None
No
No
Filters operation response log records associated with operations which took longer than the specified number of milli-seconds to complete. It is recommended to only use this criteria in conjunction with the "combined" output mode of the access logger, since this filter criteria is only applied to response log messages.
None
An integer value. Lower value is 0.
No
No
None
No
No
Filters operation response log records associated with operations which took less than the specified number of milli-seconds to complete. It is recommended to only use this criteria in conjunction with the "combined" output mode of the access logger, since this filter criteria is only applied to response log messages.
None
An integer value. Lower value is 0.
No
No
None
No
No
Filters operation response log records associated with operations which include any of the specified result codes. It is recommended to only use this criteria in conjunction with the "combined" output mode of the access logger, since this filter criteria is only applied to response log messages.
None
An integer value. Lower value is 0.
Yes
No
None
No
No
Filters operation response log records associated with operations which do not include any of the specified result codes. It is recommended to only use this criteria in conjunction with the "combined" output mode of the access logger, since this filter criteria is only applied to response log messages.
None
An integer value. Lower value is 0.
Yes
No
None
No
No
Filters search operation response log records associated with searches which were either indexed or unindexed. It is recommended to only use this criteria in conjunction with the "combined" output mode of the access logger, since this filter criteria is only applied to response log messages.
None
true
false
No
No
None
No
No
Filters search operation response log records associated with searches which returned more than the specified number of entries. It is recommended to only use this criteria in conjunction with the "combined" output mode of the access logger, since this filter criteria is only applied to response log messages.
None
An integer value. Lower value is 0.
No
No
None
No
No
Filters search operation response log records associated with searches which returned less than the specified number of entries. It is recommended to only use this criteria in conjunction with the "combined" output mode of the access logger, since this filter criteria is only applied to response log messages.
None
An integer value. Lower value is 0.
No
No
None
No
No
Filters log records associated with users matching at least one of the specified DN patterns. Valid DN filters are strings composed of zero or more wildcards. A double wildcard ** replaces one or more RDN components (as in uid=dmiller,**,dc=example,dc=com). A simple wildcard * replaces either a whole RDN, or a whole type, or a value substring (as in uid=bj*,ou=people,dc=example,dc=com).
None
A String
Yes
No
None
No
No
Filters log records associated with users which do not match any of the specified DN patterns. Valid DN filters are strings composed of zero or more wildcards. A double wildcard ** replaces one or more RDN components (as in uid=dmiller,**,dc=example,dc=com). A simple wildcard * replaces either a whole RDN, or a whole type, or a value substring (as in uid=bj*,ou=people,dc=example,dc=com).
None
A String
Yes
No
None
No
No
Filters log records associated with users which are members of at least one of the specified groups.
None
A valid DN.
Yes
No
None
No
No
Filters log records associated with users which are not members of any of the specified groups.
None
A valid DN.
Yes
No
None
No
No