[Date Prev][Date Next] [Chronological] [Thread] [Top]

Experience with LDAP monitoring (cn=monitor)



Hi!

I'd like to inform you about my experience with LDAP monitoring using the cn=monitor DN to query openLDAP. I wrote a NRPE-plugin used from Nagios/Centreon to gather performance data. So my experience is this:

Issues with LDAP Monitoring

"Uptime" is in whole seconds only (minor issue). SNMP uptime has a finer
resolution (but limited range, unfortunately).

Detailed data per peer can only be retrieved through the "Connections", but
that's a moment's view only: So if a client opens a connection, does a few
operations, then closes the connection, a polling client of the monitor will
never see those client operations.  Also when needing a cumulative count of
operations per peer (or just the number of connections per peer (for a rate)), a monitor
client will have to accumulate the numbers from all peer connections.  If a
connection (with significant operations being done) was closed since the last
poll, the total number will look negative.  So the monitor client will have to
store accumulated numbers for closed connections per peer also (Keeping
numbers for all closed connections seems inefficient).

"Current Connections" is returned as monitor _counter_ object (monitorCounter),
where in fact it's of type "gauge", opposed to "Total Connections" (which is also
returned as monitor counter) which is actually a counter.  This makes the code harder
than necessary.

What I'm missing are some database (BDB/HDB) runtime statistics.


Ok, I'll attach four PNG graphs to let you see how far I got.

Regards,
Ulrich


Attachment: LDAP-TransportStats.png
Description: PNG image

Attachment: LDAP-PeerConns.png
Description: PNG image

Attachment: LDAP-OpsRcvd.png
Description: PNG image

Attachment: LDAP-Connections.png
Description: PNG image