Docs Menu

Docs HomeMongoDB Ops Manager

Configure and Deploy Auditing

On this page

  • Prerequisites
  • Procedure

MongoDB Enterprise provides the capability to audit mongod and mongos instances. The auditing facility allows administrators and users to track system activity for deployments with multiple users and applications. Administrators can configure auditing to write to the console, syslog, a JSON file or a BSON file. You can also use filters to restrict which events are logged.

Important

If you're running MongoDB Enterprise version 5.0 or later and MongoDB Agent 11.0.13.7055 or later, you can:

  • Set separate rules for rotating server logs and audit logs.

  • Compress and delete audit logs using Ops Manager. For security reasons, we recommend managing your audit log compression and deletion outside of Ops Manager.

If you're running earlier versions of MongoDB Enterprise or the MongoDB Agent, Ops Manager:

  • Uses your System Log Rotation settings to rotate both the server logs and the audit logs.

  • Doesn't compress or delete audit logs. If you configure compression and deletion, Ops Manager applies these settings to the server logs only.

MongoDB Community users can rotate, compress, and delete the server logs only.

Note

For more general information about auditing, including the audit guarantee, see Auditing. For details about audited events, see Audit Event Actions, Details, and Results. For information about setting up filters, see Configure Audit Filters.

Your Ops Manager cluster must run MongoDB Enterprise, version 2.6 or later, to configure and deploy auditing.

1
2
3
4
5
6
7
  • auditLogFormat: JSON or BSON

  • auditLogPath: the desired location of the audit log file

8

For information about how to create filters, see Configure Audit Filters.

9
←  Rotate Master KMIP KeysMongoDB Agent →