This is not only a documentation issue. Those data modification events (insertOperation/updateOperation/removeOperation) should not be logged at all regardless of auditAuthorizationSuccess state.
Instead, there should be another event “directAuthMutation” which will be logged only in case of changes made to the admin.system.users or admin.system.roles collections.
The documentation is mostly correct; the only thing which can be clarified is that auditAuthorizationSuccess only affects how many “authCheck” events will be logged (only failures or all).
The audit log logs all the write operations by default, but the documentation says the opposite.
With a default configuration:
--auditPath /home/zelmar/data/audit.log --auditDestination file
The audit log captures all the write/update/delete operations. Ex:
We’ve tested in MongoDB Enterprise, and by default, the audit log doesn’t log the write operations: