dirxaudstatistics

Synopsis

dirxaudstatistics
    {-S audit_log_files_list | -i audit_log_file_1[,audit_log_file_2,…,audit_log_file_n]}
    [-a path_to_folder_for_output_files]
    [-e]
    [-o operation …]
    [-G operation_group …]
    [-d number]
    [-A number]
    [-O output_format]
    [-Ld duration]
    [-Lc concurrency]
    [-Ls CTX_memory]
    [-p protocol …]
    [-C string]
    [-B begin_time]
    [-E end_time]
    [-k encryption_password | -K encryption_password_file]
    [-I record_count]
    [-N ldap_dn]
    [-Q cookie]
    {[-t IP_address[,IP_address] | -T IP_address[,IP_address]]}
    [-u user]
    {[-y filtering_DNs_file | -Y ignoring_DNs_file]}
    [-r]
    [-U]
    [-Lq operations_by_qtime]
    [-La operations_by_apitime]
    [-Ldec operations_by_apidectime]
    [-Ldsa operations_by_dsatime]
    [-Lidm operations_by_idmtime]
    [-Ti active_clients]
    [-Ts search_results]
    [-Tua active_users_activity]
    [-Tui active_users_bytes_in]
    [-Tuo active_users_bytes_out]
    [-Tf LDAP_search_filters]
    [-Tb LDAP_search_baseobjects]
    [-Ta LDAP_search_requested_attrs]
    [-v] |
    [-h] |
    -V

Purpose

Evaluates multiple binary DSA and LDAP server audit log files and provides statistical information about all evaluated records.

Options

-S audit_log_files_list

  • Specifies the name of a file containing a list of fully-qualified binary audit log file names. Every audit log file name must be on a separate line in that file.

    Example of the file content:

    c:\dirx\tmp\audit.log.20200827074045Z_001
c:\dirx\tmp\audit.log.20200827091435Z_002
c:\dirx\tmp\audit.log.20200827091506Z_003

    Either the -S option or the -i option can be specified.

-i audit_log_file_1[,audit_log_file_2,…,audit_log_file_n]

  • Specifies the names of the audit log files to evaluate. The filenames are separated by commas (,) with no space before and after the commas.

    Example:

    -i audit.log.20200827074045Z_001,audit.log.20200827091435Z_002,
audit.log.20200827091506Z_003

    Either the -S option or the -i option can be specified.

-a path_to_folder_for_output_files

  • Specifies the path name of the folder where dirxaudstatistics saves the output files. If this option is not specified, the output files are written to the same location as the binary audit log files specified in the -S or -i option.

    The -O option specifies the output file format.

-e

  • Specifies that dirxaudstatistics continues processing if an error occurs while the operation is in progress. This option is available only for errors specific to audit. This option does not cover errors due to memory management or disk space limits.

-o operation

  • Evaluates only entries of the specified operation. Specify one -o operation option for each operation that should be evaluated; for example, -o add -o modify. The following keywords apply to operation:

    • all - All operations

    • abandon - All abandon operations

    • add - All add operations

    • bind - All bind operations

    • compare - All compare operations

    • moddn - All moddn operations

    • modify - All modify operations

    • search - All search operations

    • unbind - All unbind operations

  • The following keywords are only relevant to the evaluation of DSA audit log files. They are ignored when evaluating LDAP server audit log files.

    • abort - All abort operations

    • list - All list operations

    • read - All read operations

    • remove - All remove / delete operations

  • The following keywords refer to shadowing protocol operations (DISP) in DSA audit log files:

    • clean_up_shadow_journal

    • consume_delete_entry

    • coord_shadow_update

    • incr_consume_change

    • incr_supply_change

    • req_shadow_update

    • tot_consume_entry

    • tot_supply_entry

    • update_scheduled

    • update_shadow

  • The following keywords are only relevant to the evaluation of LDAP server audit log files; they are ignored when evaluating DSA audit log files:

    • delete - All delete operations.

    • extop - All LDAPv3 extended operations; for example, unsolicited notification or startTLS.

    • ldap - All LDAP server operations except other, unknown and RPC operations.

    • other - All unexpected client operations.

    • rpc - All RPC operations.

    • unknown - All unexpected client operations that indicate client misbehavior; for example, closing the socket layer without initiating an LDAP unbind operation.

-G operation_group

  • Evaluates only entries of the specified operation group. An operation group consists of multiple operations (see -o). Specify one -G operation group option for each operation group that should be evaluated; for example, -G MODIFICATION -G CONNECTION. The following keywords apply to operation groups:

    • MODIFICATION - add, modify, moddn, remove, delete.

    • READING - read, compare, list, search.

    • SHADOWING - coord_shadow_update, req_shadow_update, update_shadow, update_scheduled, clean_up_shadow_journal, tot_supply_entry, tot_consume_entry, incr_supply_change, incr_consume_change, consume_delete_entry.

    • CONNECTION - bind, unbind, abort, abandon.

  • Operation groups can be used in conjunction with operations; for example, -G CONNECTION -o search.

-d number

  • Directs dirxaudstatistics to print only the first number characters of an LDAP/DAP filter in a search request. The default value is 1000.

-A number

  • Directs dirxaudstatistics to print only the first number requested attributes of a search request. The default value is 100.

-O output_format

  • Specifies the output format. Specify one of the following values for output_format:

    • 0 directs the dirxaudstatistics command to write one single ASCII output file containing a statistical summary of all evaluated entries.

    • 1 directs the dirxaudstatistics command to write one single ASCII output file for each binary audit file with header information about this binary audit log file and one ASCII output file containing a statistical summary of all evaluated entries.

    • 2 directs the dirxaudstatistics command to write one single ASCII output file for each binary audit file with header information about this binary audit log file and then decoded records of this binary audit log file and one ASCII output file containing a statistical summary of all evaluated entries.

  • The names of the output files are:

    • For files containing the header and decoded records: name_of_input_file*.txt*

    • For the summary file: summary*creation_time_stamp_in_UTC_format.txt*

-h

  • Prints a command usage message.

-v

  • Increases the verbosity level of dirxaudstatistics output. There are three levels of increasing verbosity: specify -v for the first level, specify -vv or -v -v for the second level, and specify
    -vvv or -v -v -v for the third level.

-V

  • Displays the DirX Directory product version, in the format:

    product_version build_id date time

    For example:

    DirX Directory V9.0 9.4.428 2023:03:23 20:10 64-Bit

The following options control the amount of statistical output:

-Ld duration

  • Specifies the length of the list containing duration number of operations with the longest durations. The default is 1000, the maximum allowed value is 10000.

-Lc concurrency

  • Specifies the length of the list containing concurrency number of operations with the highest concurrency. The default is 1000, the maximum allowed value is 10000.

-Ls CTX_memory

  • Specifies the length of the list containing CTX_memory number operations that require the most memory. The default is 1000, the maximum allowed value is 10000.

The following option is only relevant to the evaluation of DSA audit log files. It is ignored when evaluating LDAP server audit log files.

-p protocol

  • Evaluates only entries of the specified protocol for DSA audit log files. Specify one -p protocol option for each protocol that should be evaluated; for example -p disp -p dsp. The following keywords (case insensitive) apply to protocol:

    • dap - All DAP operations

    • disp - All DISP operations

    • dsp - All DSP operations

    • rpc - All local (RPC) operations

The following options are only relevant to the evaluation of LDAP server audit log files. They are ignored when evaluating DSA server audit log files.

-C string

  • Directs the dirxaudstatistics command to evaluate only records that have a session-tracking control value with a SID-name component that contains the specified string. dirxadstatistics does not evaluate records without a session-tracking control value and records where the string does not occur in the SID-Name component of the session-tracking control. For example, dirxaudstatistics -C WfStatusLogHandler will result in an output file that contains only those operations that were issued by an LDAP client that added a session-tracking control with the SID-Name that contains the string “WfStatusLogHandler” to the operation.

-B begin_time

  • Specifies that the dirxaudstatistics command evaluates only records created after the specified time. Specify the value in the format YYYYMMDDhhmmss; for example, 20120617123000. The value represents the local time saved as the creation time stamp of an operation in the evaluated audit log file.

-E end_time

  • Specifies that the dirxaudstatistics command evaluates only records created before the specified time. Specify the value in the format YYYYMMDDhhmmss; for example, 20120618123000. The value represents the local time saved as the creation time stamp of an operation in the evaluated audit log file.

-k encryption_password

  • Specifies the password that is required to evaluate and decrypt encrypted audit log files. The encrypted audit log files must all have been encrypted using the same password. The dirxaudstatistics command automatically detects whether an audit log file is encrypted. If no password or an incorrect password is specified for an encrypted audit log file, the evaluation process is terminated and an error message is written to stderr.

-K encryption_password_file

  • Specifies the path to a file containing the password that is required to evaluate and decrypt encrypted audit log files (see the -k option). The password must be the only content of this file. When creating the file, the password must be specified in plain ASCII format. After the first successful reading by the application, the password is symmetrically encrypted and the file is rewritten to provide protected local storage.

-I record_count

  • (The option is an uppercase “i”) Specifies the number of audit records processed at which dirxaudstatistics issues progress reports during LDAP server audit log file processing. The default value is 5000. A value of 0 specifies no progress reporting.

-N ldap_dn

  • Specifies that the dirxaudstatistics command evaluates only records that match the specified ldap_dn. Whether or not a record matches the specified ldap_dn depends on the record type:

    Record type The record is evaluated if

    ADD, MODIFY, MODDN, DELETE, COMPARE

    the target entry name of the operation matches the specified ldap_dn.

    SEARCH

    the base object name matches the specified ldap_dn and the scope of the search is baseobject.

    BIND

    the bind user name matches the specified ldap_dn.

    All other

    never matches.

    Specify multiple -N options to filter the evaluated records for multiple distinguished names; for example -N ldap_dn1 -N ldap_dn2. The value of ldap_dn is case-insensitive.

    Examples:

    -N cn=myentry,o=my-company -o add -o modify -o delete evaluates all records with add, modify and delete operations for the object cn=myentry, o=my-company.

    -N cn=myuser,o=my-company -o bind evaluates all records with bind operations for the user cn=myuser, o=my-company.

    -N cn=myentry,o=my-company -o search evaluates all records with search operations for the object cn=myentry, o=my-company and the scope baseobject.

-Q cookie

  • Specifies that the dirxaudstatistics command evaluates only records for which the paged-result cookie is present. The cookie must be specified as a hex-value string like 80000001 (the same as in audit-output). For example, -Q 80000001 evaluates all records that have a cookie 80000001. If the cookie-string is ANY, then all records that have a cookie are evaluated no matter what the value is.

-t IP_address[,IP_address]

  • Specifies that the dirxaudstatistics command evaluates only those records in the audit log file whose client IP address matches the specified IP address. Separate multiple IP addresses with a comma; for example, -t 127.0.0.1,192.10.1.20,192.10.1.30. Use the wildcard (*) to specify an IP submask; for example, -t 127.*.1,192.*.1.20,192.10.1.3. Either the -t or the -T option can be used; using both options fails.

-T IP_address[,IP_address]

  • Specifies that the dirxaudstatistics command does not evaluate records in the audit log file whose client IP addresses match one or more specified IP addresses. The IP addresses specified must be Internet Protocol Version 4 (IPv4) addresses. Separate multiple IP addresses with a comma; for example, -T 127.0.0.1,192.10.1.20,192.10.1.30. Use the wildcard (*) to specify an IP submask; for example, -T 127.*.1,192.*.1.20,192.10.1.3. Either the -T or the -t option can be used; using both options fails.

-u user

  • Specifies that the dirxaudstatistics command evaluates only those records in the audit log file that match the specified user. Specify the distinguished name of the user in LDAP format (case sensitive). (See the section Distinguished Names in the chapter DirX Directory String Representation for LDAP Binds in DirX Directory Syntaxes and Attributes for details.) An empty string ("") specifies the anonymous user.

-y filtering_DNs_file

  • Specifies the name of a file that contains a list of DNs. The dirxaudstatistics command evaluates only those records in the audit log file that match one of the specified users. Specify the distinguished name of the users in LDAP format (case insensitive). (See the section Distinguished Names in the chapter DirX Directory String Representation for LDAP Binds in DirX Directory Syntaxes and Attributes for details.) The string anonymous specifies the anonymous user. You can use the wildcard (*) for RDNs.

    In the file filtering_DNS_file, blank lines and lines starting with the # character are ignored. Each line can contain one DN. Here is an example file:

    # Evaluate all records containing the following users:
cn=Schulz,ou=Sales,o=My-Company
cn=Abele,ou=Development,o=My-Company

# Evaluate all records under o=My-Company with cn Mayer or Meier:
cn=Mayer,*,o=My-Company
cn=Meier,*,o=My-Company

# Evaluate all records of anonymous users:
anonymous

    Either the -y or the -Y option can be used; using both options fails.

-Y ignoring_DNs_file

  • Specifies the name of a file that contains a list of DNs. The dirxaudstatistics command excludes all records in the audit log file from the result that match one of the specified users. The syntax of this option is the same as the syntax of the -y filtering_DNs_file option.

    Either the -Y or the -y option can be used; using both options fails.

-r

  • Specifies that only records with a result code other than success (0), SizeLimitExceeded and TimeLimitExceeded should be evaluated.

-U

  • Specifies that UTF8 code is written to the user output file. If an attribute value is not UTF8-encoded, the value is written in hexadecimal code to the user file. If this option is omitted, ASCII code is written to the user output file.

The following options control the amount of statistical output for evaluated binary LDAP audit log files:

-Lq operations_by_qtime

  • Specifies the length of the list containing operations_by_qtime number of operations with the longest QTime. The maximum allowed value is 10000.

-La operations_by_apitime

  • Specifies the length of the list containing operations_by_apitime number of operations with the longest API Time. The maximum allowed value is 10000.

-Ldec operations_by_apidectime

  • Specifies the length of the list containing operations_by_apidectime number of operations with the longest API-Dec Time (API result decoding). The maximum allowed value is 10000.

-Ldsa operations_by_dsatime

  • Specifies the length of the list containing operations_by_dsatime number of operations with the longest DSA Time. The maximum allowed value is 10000.

-Lidm operations_by_idmtime

  • Specifies the length of the list containing operations_by_idmtime number of operations with the longest IDM Time. The maximum allowed value is 10000.

-Ti active_clients

  • Specifies the length of the list containing active_clients number of most active clients (IP). The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

-Ts search_results

  • Specifies the length of the list containing search_results number of returned data in search results (IP). The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

-Tua active_users_activity

  • Specifies the length of the list containing active_users_activity distinguished names of the most active users. The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

-Tui active_users_bytes_in

  • Specifies the length of the list containing active_users_bytes_in distinguished names of the users with the highest number of incoming bytes. The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

-Tuo active_users_bytes_out

  • Specifies the length of the list containing active_users_bytes_out distinguished names of the users with the highest number of outgoing bytes. The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

-Tf LDAP_search_filters

  • Specifies the length of the list containing LDAP_search_filters number of the most frequently used LDAP search filters. The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

-Tb LDAP_search_baseobjects

  • Specifies the length of the list containing LDAP_search_baseobject number of the most frequently used base objects in LDAP search requests. The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

-Ta LDAP_search_requested_attrs

  • Specifies the length of the list containing LDAP_search_requested_attrs number of the most frequently requested attributes in LDAP search requests. The default is 1000, the maximum allowed value is 10000. This option is applicable when the -v -v option is specified.

Description

Like the dirxauddecode command, the dirxaudstatistics command evaluates DSA and LDAP server audit log files and generates customized output in human-readable ASCII-formatted files. (see the -O option) The generated output identifies all incoming protocol requests, their detailed operation parameters and the result code for each operation. The output also contains operational information such as durations, threading information and error messages that can be used to diagnose the running system or tune DirX Directory. The output does not contain any entry information that read and search operations return; for example, attribute values or distinguished names of entries that satisfy the search filter. (See the dirxauddecode reference page for details.)

Unlike the dirxauddecode command, the dirxaudstatistics command can evaluate multiple audit log files. It provides a lot of options to control statistical information. Either a set of DSA audit log files or a set of LDAP audit log files can be evaluated at one time. The type of first file in the list specifies whether dirxaudstatistics evaluates DSA or LDAP audit log files. The files from the list are evaluated in exactly the order they are given in the list.

If an error occurs while the operation is in progress, dirxaudstatistics stops evaluating audit log files if the -e option is not specified.

dirxaudstatistics tracks the changes in the header data from the first evaluated file in the list to the current one and marks changed values in the output file. (See the -O option for details.) The following information is written:

  • Changes tracked for LDAP audit files: OpSelection, OpErrors, Audit Level, Server-PID, Total Phys Memory, HTM CTX Size, CTX ULimit, CPUs, Max Open Files soft, Max Open Files hard, PID, HostName, Host IP, Server Version, Backend Sharing, Ldap Port, SSL Port, Max Conn, Client Idle Time, Thread Pool Size, Search Size Limit, Search Service Controls, Cache.

  • Changes tracked for DSA audit files: Server-PID, PID, Server-Version, HostName, HWM CTX Size, CTX ULimit.

dirxaudstatistics can evaluate only files generated with the same audit version.

Example

  1. In the following example, the LDAP server dirxaudstatistics evaluates LDAP server audit log files. Only a summary log file is provided (-O 0). This summary file is located under the folder C:\Output\OutputBulkAuditFilesLDAP (-a option). The list of audit log files to be evaluated is stored in the file C:\Input\InputBulkAuditFilesLDAP\ldap_audit_log_files.txt (-S option). In the event of errors, dirxaudstatistics continues processing (-e option). The three operations with the longest duration (-Ld 3), the distinguished names of the three most active users (-Tua 3), the distinguished names of five users with the most incoming bytes (-Tui 5), and the distinguished names of six users with the most outgoing bytes (-Tuo 6) are written to the summary file. The level of verbosity is 2 (-v –v):

    dirxaudstatistics -Tua 3 -Tui 5 -Tuo 6 -Ti 3 -e -S C:\Input\InputBulkAuditFilesLDAP\ldap_audit_log_files.txt -a C:\Output\OutputBulkAuditFilesLDAP -O 0 -Ld 3 -v –v

  2. The following example is the same as the example above. However, dirxaudstatistics is directed to write the summary file and a file containing a header for each audit log file evaluated (-O 1):

    dirxaudstatistics -Tua 3 -Tui 5 -Tuo 6 -Ti 3 -e -S C:\Input\InputBulkAuditFilesLDAP\ldap_audit_log_files.txt -a C:\Output\OutputBulkAuditFilesLDAP -O 1 -Ld 3 -v –v

  3. The following example is the same as the example above. dirxaudstatistics is now directed to write the summary file and a file containing a header and all operations for each audit log file evaluated (-O 2):

    dirxaudstatistics -Tua 3 -Tui 5 -Tuo 6 -Ti 3 -e -S C:\Input\InputBulkAuditFilesLDAP\ldap_audit_log_files.txt -a C:\Output\OutputBulkAuditFilesLDAP -O 2 -Ld 3 -v –v

  4. The following examples provide examples for evaluating DSA audit log files:

    dirxaudstatistics -e -S C:\Input\InputBulkAuditFilesDSA\dsa_audit_log_files.txt -a C:\Output\OutputBulkAuditFilesDSA -O 2 -Ld 3 -v –v
dirxaudstatistics -e -S C:\Input\InputBulkAuditFilesDSA\dsa_audit_log_files.txt -a C:\Output\OutputBulkAuditFilesDSA -O 1 -Ld 3 -v -v
dirxaudstatistics -e -S C:\Input\InputBulkAuditFilesDSA\dsa_audit_log_files.txt -a C:\Output\OutputBulkAuditFilesDSA -O 3 -Ld 3 -v –v

  5. The following example illustrates the output. dirxaudstatistics evaluates several (48) DSA audit log files and provides one summary output file (option –O 0). The file flist provides the list of DSA audit log files to be evaluated (-S option):

    *dirxaudstatistics -S flist -O 0 -Ld 10 -Lc 3 -Ls 5*

    The output file of the sample command is as follows:

    #################  DIR.X AUDIT TRAIL (c) Eviden  ################################
Cmd-Line: -S flist -O 0 -Ld 10 -Lc 3 -Ls 5
=================================================================================
  DSA Audit Summary     :
    File(s) Processed   : 48. OK: 48, FAILED: 0
    Records Processed   : 82350
    Time spent          : 22.031521
  Log Time              : 9112 sec
  Concurrency Max       : 19 (2 times) (Op# 057383)
  CtxSize Min/Max       : 12 / 238 MB
  CtxSize HWM Min/Max   : 12 / 238 MB
  Protocol Ops          :
    DAP Ops             : 82320
      Read              : 360
      Compare           : 5789
      List              : 14
      Search            : 38324
      Add               : 21495
      Delete            : 281
      Modify            : 4506
      Bind              : 7318 (0 Init, 7318 Resp)
      Unbind            : 3297
      ModDN             : 111
      ExtendedOp        : 154
      Abort             : 665
    DSP Ops             : 0
    DISP Ops            : 8
      UpdScheduled      : 8
    DOP Ops             : 0
    LOCAL Ops           : 0
    RPC Ops             : 22
    PagingCookieExpired : 6
    UNKNOWN Ops         : 0

  DAP Op Statistics      :     tot |    err |     %
    Read                 :     360 |     50 |   0.4
    Compare              :    5789 |    179 |   7.0
    List                 :      14 |      4 |   0.0
    Search               :   38324 |     22 |  46.5
    Add                  :   21495 |     12 |  26.1
    Remove               :     281 |     14 |   0.3
    Modify               :    4506 |    784 |   5.5
    Bind                 :    7318 |   3104 |   8.9
    Unbind               :    3297 |      0 |   4.0
    ModDN                :     111 |      6 |   0.1
    Abort                :     665 |      0 |   0.8
    Extended             :     154 |      0 |   0.2
    PagingCookieExpired  :       6 |      0 |   0.0

  DSP Op Statistics      :     tot |    err |     %

  DISP Op Statistics     :     tot |    err |     %
    CleanupShadJournal   :       8 |      0 |   0.0

  RPC Op Statistics      :     tot |    err |     %
    RpcOp                :      22 |      0 |   0.0


    Top 10 Durations:
      Duration    StartTime         EndTime           Op#     CC   CTXSize  Prot   Type/Info        Audit File
      63.485130 | 08:24:37.051667 | 08:25:40.536797 | 81014 | 1  | 238    | DAP  | ADD        n/a | audit.log.20150424064530Z_001
      20.656600 | 07:25:58.946352 | 07:26:19.602952 | 5013  | 1  | 138    | DAP  | REMOVE     n/a | audit.log.20150424052810Z_002
      6.323987  | 08:25:41.372828 | 08:25:47.696815 | 81027 | 1  | 97     | DAP  | ADD        n/a | audit.log.20150424064530Z_001
      4.987632  | 07:25:49.143265 | 07:25:54.130897 | 5010  | 1  | 47     | DAP  | MODIFY     n/a | audit.log.20150424052810Z_002
      4.467597  | 07:25:54.170162 | 07:25:58.637759 | 5011  | 1  | 50     | DAP  | MODIFY     n/a | audit.log.20150424052810Z_002
      4.381933  | 07:25:44.723937 | 07:25:49.105870 | 5009  | 1  | 45     | DAP  | MODIFY     n/a | audit.log.20150424052810Z_002
      3.638514  | 07:25:37.618782 | 07:25:41.257296 | 5007  | 1  | 40     | DAP  | MODIFY     n/a | audit.log.20150424052810Z_002
      3.391898  | 07:25:41.295458 | 07:25:44.687356 | 5008  | 1  | 42     | DAP  | MODIFY     n/a | audit.log.20150424052810Z_002
      3.169521  | 07:25:34.405540 | 07:25:37.575061 | 5006  | 1  | 37     | DAP  | MODIFY     n/a | audit.log.20150424052810Z_002
      2.646268  | 07:25:31.720979 | 07:25:34.367247 | 5005  | 1  | 33     | DAP  | MODIFY     n/a | audit.log.20150424052810Z_002


    Top 3 Con    Top 3 Concurrencies:
      CC        Duration   StartTime         EndTime           Op#     CTXSize  Prot   Type/Info    Audit File
      19 |      0.068732 | 08:05:08.578469 | 08:05:08.647201 | 57383 | 14     | DAP  | BIND   n/a | audit.log.20150424060552Z_003
      19 |      0.064744 | 08:05:08.584033 | 08:05:08.648777 | 57384 | 14     | DAP  | BIND   n/a | audit.log.20150424060552Z_003
      18 |      0.070556 | 08:05:08.570394 | 08:05:08.640950 | 57380 | 14     | DAP  | BIND   n/a | audit.log.20150424060552Z_003


    Top 5 Biggest Operations:
      CTXSize    Duration     StartTime         EndTime           Op#     CC   Prot   Type/Info          Audit File
      238 |      63.485130  | 08:24:37.051667 | 08:25:40.536797 | 81014 | 1  | DAP  | ADD        (n/a) | audit.log.20150424064530Z_001
      233 |      1.204796   | 08:25:48.541388 | 08:25:49.746184 | 81201 | 1  | DAP  | SEARCH     (n/a) | audit.log.20150424064530Z_001
      219 |      1.171034   | 08:25:52.777736 | 08:25:53.948770 | 81218 | 1  | DAP  | SEARCH     (n/a) | audit.log.20150424064530Z_001
      138 |      20.656600  | 07:25:58.946352 | 07:26:19.602952 | 5013  | 1  | DAP  | REMOVE     (n/a) | audit.log.20150424052810Z_002
      129 |      0.676265   | 08:26:00.702433 | 08:26:01.378698 | 81304 | 1  | DAP  | SEARCH     (n/a) | audit.log.20150424064530Z_001



##########################  END of TRAIL  #######################################

Exit Codes

The dirxaudstatistics command returns an exit code of 0 on success or a non-negative error code if it encounters an error. The text of the error message is displayed on stderr.

See Also

dirxadm (Chapter 1), audit (Chapter 1), Abbreviation Files (Chapter 2), dirxauddecode (Chapter 1)