OpenLDAP

Auto-Detection

Built-in Metrics

Bleemeo monitors OpenLDAP through automatic service detection and built-in metrics gathered from the slapd monitoring backend.

Auto-Detection

Glouton automatically detects OpenLDAP instances running on the host. To enable metrics gathering, you must enable the slapd monitoring backend and configure a bind DN and password in the agent configuration.

If the auto-detected parameters are incorrect or you need to configure metrics gathering, you can override them manually.

Linux
Windows

sudo tee /etc/glouton/conf.d/99-openldap.conf > /dev/null << 'EOF'
service:
  # For an OpenLDAP running outside a container
  - type: "openldap"
    address: "127.0.0.1"
    port: 389
    # DN/password to bind with. If username is empty, an anonymous bind is performed.
    username: "cn=admin,dc=example,dc=org"
    password: "adminpassword"
    # Use LDAPS (note that port will likely need to be changed to 636)
    ssl: true
    # Use StartTLS (you cannot enable both ssl and starttls at the same time)
    starttls: true
    # Skip host certificate verification
    ssl_insecure: true
    # Path to PEM-encoded root certificate to verify the server certificate
    ca_file: "/myca"

  # For an additional OpenLDAP running outside a container
  - type: "openldap"
    instance: "NAME_ASSOCIATED_WITH_YOUR_ADDITIONAL_SERVICE"
    address: "127.0.0.1"
    port: 390
    username: "cn=admin,dc=example,dc=org"
    password: "adminpassword"

  # For an OpenLDAP running in a Docker container
  - type: "openldap"
    instance: "CONTAINER_NAME"
    address: "172.17.0.2"
    port: 389
    username: "cn=admin,dc=example,dc=org"
    password: "adminpassword"
EOF

Create or edit C:\ProgramData\glouton\conf.d\99-openldap.conf:

service:
  # For an OpenLDAP running outside a container
  - type: "openldap"
    address: "127.0.0.1"
    port: 389
    # DN/password to bind with. If username is empty, an anonymous bind is performed.
    username: "cn=admin,dc=example,dc=org"
    password: "adminpassword"
    # Use LDAPS (note that port will likely need to be changed to 636)
    ssl: true
    # Use StartTLS (you cannot enable both ssl and starttls at the same time)
    starttls: true
    # Skip host certificate verification
    ssl_insecure: true
    # Path to PEM-encoded root certificate to verify the server certificate
    ca_file: "/myca"

  # For an additional OpenLDAP running outside a container
  - type: "openldap"
    instance: "NAME_ASSOCIATED_WITH_YOUR_ADDITIONAL_SERVICE"
    address: "127.0.0.1"
    port: 390
    username: "cn=admin,dc=example,dc=org"
    password: "adminpassword"

  # For an OpenLDAP running in a Docker container
  - type: "openldap"
    instance: "CONTAINER_NAME"
    address: "172.17.0.2"
    port: 389
    username: "cn=admin,dc=example,dc=org"
    password: "adminpassword"

Built-in Metrics

Metric	Description
`service_status`	Status of OpenLDAP
`openldap_connections_current`	Current number of active connections
`openldap_waiters_read`	Number of threads blocked waiting to read data from a client
`openldap_waiters_write`	Number of threads blocked waiting to write data to a client
`openldap_threads_active`	Number of threads currently active in slapd
`openldap_statistics_bytes`	Outgoing bytes per second
`openldap_statistics_entries`	Outgoing entries per second
`openldap_operations_add_completed`	Number of add operations per second
`openldap_operations_bind_completed`	Number of bind operations per second
`openldap_operations_delete_completed`	Number of delete operations per second
`openldap_operations_modify_completed`	Number of modify operations per second
`openldap_operations_search_completed`	Number of search operations per second