Monitoring OpenLDAP
The OpenLDAP sensor is automatically deployed and installed after you install the Instana agent.
Configuration
It is a prerequisite that the OpenLDAP monitoring module is enabled and configured.
OpenLDAP configuration
-
Check if your monitoring module is enabled on your OpenLDAP installation:
ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=module{0},cn=config"If
olcModuleLoad: {1}back_monitoris included in the response, the monitoring module is enabled. You can skip to step 3. -
To enable the monitoring module, create a
module_monitoring.ldiffile and run the command:dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: {1}back_monitorldapmodify -Y EXTERNAL -H ldapi:/// -f module_monitor.ldif -
Create an encrypted password for the monitoring user:
slappasswd -s <MONITOR_USER_PASSWORD> -
Create a
cn_monitor.ldiffile and run the following command to add the monitoring user:dn: <NEW_MONITORING_USER_DISTINGUISHED_NAME> objectClass: simpleSecurityObject objectClass: organizationalRole cn: <COMMON_NAME_OF_THE_NEW_MONITORING_USER> description: LDAP monitor userPassword: <ENCRYPTED_PASSWORD>ldapadd -x -D <ADMIN_DISTINGUISHED_NAME> -w <ADMIN_PASSWORD> -f cn_monitor.ldif -
Create a
database_monitor.ldiffile and run the following command to configure the monitoring database:dn: olcDatabase={2}Monitor,cn=config objectClass: olcDatabaseConfig objectClass: olcMonitorConfig olcDatabase: {2}Monitor olcAccess: {0}to dn.subtree="cn=Monitor" by dn.base="<NEW_MONITORING_USER_DISTINGUISHED_NAME>" read by * noneldapadd -Y EXTERNAL -H ldapi:/// -f database_monitor.ldif -
To test the monitoring module, run the following command:
ldapsearch -x -D <NEW_MONITORING_USER_DISTINGUISHED_NAME> -w <MONITOR_USER_PASSWORD> -b cn=Uptime,cn=Time,cn=Monitor -s base '(objectClass=*)' '*' '+'
Agent configuration
To enable in-depth metric monitoring, the agent requires the credentials of the monitoring user to access monitoring information.
You can configure it in the agent here: <agent_install_dir>/etc/instana/configuration.yaml:
com.instana.plugin.openldap:
user: '' # distinguished name of monitoring user, like 'cn=Monitor,dc=example,dc=com'
password: '' # password for monitoring user
port: 10389 # default is 389
schemaPath: '/opt/GC/data/slapd.d/' # schema files location
Metrics collection
To view the metrics, select Infrastructure in the sidebar of the Instana User interface, click a specific monitored host, and then you can see a host dashboard with all the collected metrics and monitored processes.
Configuration data
| OpenLDAP Server Details | Description |
|---|---|
| Started At | Time when OpenLDAP server started. |
| DN | Configured Distinguished Name. |
| CN | Configured Common Name. |
| Object Class | Configured ObjectClass (collection of attributes). |
| Args file | Command line args with wich OpenLDAP was started. |
| PID file | Current PID of running OpenLDAP. |
| Log Level | Log level of running OpenLDAP. |
| Tool Threads | The maximum number of threads to use in tool mode. |
Performance metrics
| OpenLDAP Server Metrics | Description |
|---|---|
| Operations | Count of all operations Completed/Initiated over db. |
| Connections | Count of all connections Total/Current. |
| Bytes | Traffic in bytes. |
| Entries | Number of entries. |
| Pdus | Number of Protocol Data Unit(s). |
| Referrals | Number of referrals. |
| Waiters Read | The number of threads blocked waiting to read data from a client. |
| Waiters Write | The number of threads blocked waiting to write data to a client. |
| Threads Active | Threads (operations) currently active in slapd. |
| Threads Pending | Threads (operations) currently pending in slapd. |