MongoDB Enterprise includes an auditing capability for mongod and mongos instances. The auditing facility allows administrators and users to track system activity for deployments with multiple users and applications.
This mongod configuration file will enable auditing, with the audit log being directed to a file.
systemLog:
destination: file
path: /home/vagrant/M310-HW-3.3/r0/mongodb.log
storage:
dbPath: /home/vagrant/M310-HW-3.3/r0
processManagement:
fork: true
net:
bindIp: database.m310.mongodb.university
port: 31330
auditLog:
destination: file
format: JSON
path: /home/vagrant/M310-HW-3.3/r0/auditLog.json
This configuration file contains a filter that limits the audit output to actions by user steve only.
systemLog:
destination: file
path: /home/vagrant/M310-HW-3.3/r0/mongodb.log
storage:
dbPath: /home/vagrant/M310-HW-3.3/r0
processManagement:
fork: true
net:
bindIp: database.m310.mongodb.university
port: 31330
auditLog:
destination: file
format: JSON
path: /home/vagrant/M310-HW-3.3/r0/auditLog.json
filter: '{users: {$elemMatch: {"user": "steve"}}}'
Note: You must enclose the query part of the filter in single quotes. Use double quotes inside the query.
systemLog:
destination: file
path: /home/vagrant/M310-HW-3.3/r0/mongodb.log
storage:
dbPath: /home/vagrant/M310-HW-3.3/r0
processManagement:
fork: true
net:
bindIp: database.m310.mongodb.university
port: 31330
auditLog:
destination: file
format: JSON
path: /home/vagrant/M310-HW-3.3/r0/auditLog.json
setParameter: {auditAuthorizationSuccess: true}