Hello,
I have chosen "Splunk supporting Add-on for Active Directory" to perform LDAP search to my Fedora Directory Server.
Now I would like to monitor the parameters inside `cn=monitor`.
A search like:
| ldapsearch domain=myLDAP search="(&(objectclass=*))" basedn="cn=monitor" scope=sub
Provides a pretty json formatted event:
{ [-]
addentryops: [ [-]
603
]
anonymousbinds: [ [-]
327
]
bindsecurityerrors: [ [-]
15
]
bytesrecv: [ [-]
0
]
bytessent: [ [-]
2596463937
]
cacheentries: [ [-]
0
]
cachehits: [ [-]
0
]
chainings: [ [-]
0
]
cn: [ [-]
snmp
]
compareops: [ [-]
0
]
connections: [ [-]
9
]
connectionseq: [ [-]
33669
]
connectionsinmaxthreads: [ [-]
0
]
connectionsmaxthreadscount: [ [-]
0
]
copyentries: [ [-]
0
]
entriesreturned: [ [-]
1492450
]
errors: [ [-]
176296
]
inops: [ [-]
823250
]
listops: [ [-]
0
]
masterentries: [ [-]
0
]
modifyentryops: [ [-]
489546
]
modifyrdnops: [ [-]
204
]
objectClass: [ [-]
top
extensibleObject
]
onelevelsearchops: [ [-]
127
]
readops: [ [-]
0
]
referrals: [ [-]
0
]
referralsreturned: [ [-]
0
]
removeentryops: [ [-]
602
]
searchops: [ [-]
288365
]
securityerrors: [ [-]
18
]
simpleauthbinds: [ [-]
2102
]
slavehits: [ [-]
0
]
strongauthbinds: [ [-]
0
]
unauthbinds: [ [-]
327
]
wholesubtreesearchops: [ [-]
2849
]
}
**The big question is:
How to introduce this in a metric suitable for a metric index**
I tried some tricks with `mcollect`, but it doesn't seem very easy.
Could you help me?
Thank you very much
Marco
↧
