Monitoring OpenLDAP
The OpenLDAP sensor is automatically deployed and installed after you install the Instana agent.
Configuration
It is a prerequisite that the OpenLDAP monitoring module is enabled and configured.
OpenLDAP configuration
-
Check if your monitoring module is enabled on your OpenLDAP installation:
ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=module{0},cn=config"
If
olcModuleLoad: {1}back_monitor
is included in the response, the monitoring module is enabled. You can skip to step 3. -
To enable the monitoring module, create a
module_monitoring.ldif
file and run the command:dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: {1}back_monitor
ldapmodify -Y EXTERNAL -H ldapi:/// -f module_monitor.ldif
-
Create an encrypted password for the monitoring user:
slappasswd -s <MONITOR_USER_PASSWORD>
-
Create a
cn_monitor.ldif
file and run the following command to add the monitoring user:dn: <NEW_MONITORING_USER_DISTINGUISHED_NAME> objectClass: simpleSecurityObject objectClass: organizationalRole cn: <COMMON_NAME_OF_THE_NEW_MONITORING_USER> description: LDAP monitor userPassword: <ENCRYPTED_PASSWORD>
ldapadd -x -D <ADMIN_DISTINGUISHED_NAME> -w <ADMIN_PASSWORD> -f cn_monitor.ldif
-
Create a
database_monitor.ldif
file and run the following command to configure the monitoring database:dn: olcDatabase={2}Monitor,cn=config objectClass: olcDatabaseConfig objectClass: olcMonitorConfig olcDatabase: {2}Monitor olcAccess: {0}to dn.subtree="cn=Monitor" by dn.base="<NEW_MONITORING_USER_DISTINGUISHED_NAME>" read by * none
ldapadd -Y EXTERNAL -H ldapi:/// -f database_monitor.ldif
-
To test the monitoring module, run the following command:
ldapsearch -x -D <NEW_MONITORING_USER_DISTINGUISHED_NAME> -w <MONITOR_USER_PASSWORD> -b cn=Uptime,cn=Time,cn=Monitor -s base '(objectClass=*)' '*' '+'
Agent configuration
To enable in-depth metric monitoring, the agent requires the credentials of the monitoring user to access monitoring information.
You can configure it in the agent here: <agent_install_dir>/etc/instana/configuration.yaml
:
com.instana.plugin.openldap:
user: '' # distinguished name of monitoring user, like 'cn=Monitor,dc=example,dc=com'
password: '' # password for monitoring user
port: 10389 # default is 389
schemaPath: '/opt/GC/data/slapd.d/' # schema files location
Metrics collection
To view the metrics, select Infrastructure in the sidebar of the Instana User interface, click a specific monitored host, and then you can see a host dashboard with all the collected metrics and monitored processes.
Configuration data
OpenLDAP Server Details | Description |
---|---|
Started At | Time when OpenLDAP server started. |
DN | Configured Distinguished Name. |
CN | Configured Common Name. |
Object Class | Configured ObjectClass (collection of attributes). |
Args file | Command line args with wich OpenLDAP was started. |
PID file | Current PID of running OpenLDAP. |
Log Level | Log level of running OpenLDAP. |
Tool Threads | The maximum number of threads to use in tool mode. |
Performance metrics
OpenLDAP Server Metrics | Description |
---|---|
Operations | Count of all operations Completed/Initiated over db. |
Connections | Count of all connections Total/Current. |
Bytes | Traffic in bytes. |
Entries | Number of entries. |
Pdus | Number of Protocol Data Unit(s). |
Referrals | Number of referrals. |
Waiters Read | The number of threads blocked waiting to read data from a client. |
Waiters Write | The number of threads blocked waiting to write data to a client. |
Threads Active | Threads (operations) currently active in slapd. |
Threads Pending | Threads (operations) currently pending in slapd. |