MongoDB Notes

 

MongoDB Enterprise includes an auditing capability for mongod and mongos instances. The auditing facility allows administrators and users to track system activity for deployments with multiple users and applications.

 

Configuration to Enable Auditing

 

This mongod configuration file will enable auditing, with the audit log being directed to a file.

 

systemLog:

  destination: file

  path:  /home/vagrant/M310-HW-3.3/r0/mongodb.log

storage:

  dbPath: /home/vagrant/M310-HW-3.3/r0 

processManagement:

  fork: true

net:

  bindIp: database.m310.mongodb.university

  port: 31330

auditLog:

   destination: file

   format: JSON

   path: /home/vagrant/M310-HW-3.3/r0/auditLog.json

 

Configuration to Enable Auditing with Filter

 

This configuration file contains a filter that limits the audit output to actions by user steve only.

 

systemLog:

  destination: file

  path:  /home/vagrant/M310-HW-3.3/r0/mongodb.log

storage:

  dbPath: /home/vagrant/M310-HW-3.3/r0 

processManagement:

  fork: true

net:

  bindIp: database.m310.mongodb.university

  port: 31330

auditLog:

   destination: file

   format: JSON

   path: /home/vagrant/M310-HW-3.3/r0/auditLog.json

   filter: '{users: {$elemMatch: {"user": "steve"}}}'

Note: You must enclose the query part of the filter in single quotes.  Use double quotes inside the query.

 

Configuration to Enable Auditing of Data Manipulation Commands

 

systemLog:

  destination: file

  path:  /home/vagrant/M310-HW-3.3/r0/mongodb.log

storage:

  dbPath: /home/vagrant/M310-HW-3.3/r0 

processManagement:

  fork: true

net:

  bindIp: database.m310.mongodb.university

  port: 31330

auditLog:

   destination: file

   format: JSON

   path: /home/vagrant/M310-HW-3.3/r0/auditLog.json

setParameter: {auditAuthorizationSuccess: true}

   

References

 

Auditing