Security >
Configure and Deploy Auditing

Configure and Deploy Auditing¶

On this page

Prerequisites
Procedure

MongoDB Enterprise provides the capability to audit mongod and mongos instances. The auditing facility allows administrators and users to track system activity for deployments with multiple users and applications. Administrators can configure auditing to write to the console, syslog, a JSON file or a BSON file. You can also use filters to restrict which events are logged.

Important

If you enable log rotation, Cloud Manager uses the default MongoDB log rotation, which rotates both the server logs and audit logs. However, Cloud Manager does not:

Support separate rules for rotating server logs and audit logs; Cloud Manager treats them both the same way.
Perform any compression or deletion of audit logs for security reasons. You must use an appropriate security software to compress and delete audit logs.

Note

For more general information about auditing, including the audit guarantee, see Auditing. For details about audited events, see Audit Event Actions, Details, and Results. For information about setting up filters, see Configure Audit Filters.

Prerequisites¶

Your Cloud Manager cluster must run MongoDB Enterprise, version 2.6 or later, to configure and deploy auditing.

Procedure¶

1

Click Deployment, then Processes.¶

2

Click Modify next to the MongoDB process for which you want to configure auditing.¶

3

Click Advanced Configuration Options.¶

4

Click + Add Option.¶

5

6

7

(Optional) If you selected `file` as the audit log destination, repeat step 4 and specify the following additional properties:¶

auditLogFormat: JSON or BSON
auditLogPath: the desired location of the audit log file

8

(Optional) To filter which events are audited, repeat steps 1-4 and add the `auditLogFilter` property.¶

For information about how to create filters, see Configure Audit Filters.

9

Click Apply to deploy your auditing configuration.¶

← Rotate Master KMIP Keys MongoDB Agent →

Cloud Manager will no longer support Automation for MongoDB 3.4 clusters after February 10, 2022. Please upgrade your MongoDB deployment or migrate to Atlas.

Configure and Deploy Auditing¶

Prerequisites¶

Procedure¶

Click Deployment, then Processes.¶

Click Modify next to the MongoDB process for which you want to configure auditing.¶

Click Advanced Configuration Options.¶

Click + Add Option.¶

Select auditLogDestination from the Startup Option menu.¶

Select the desired destination for audit events from the Value menu.¶

(Optional) If you selected `file` as the audit log destination, repeat step 4 and specify the following additional properties:¶

(Optional) To filter which events are audited, repeat steps 1-4 and add the `auditLogFilter` property.¶

Click Apply to deploy your auditing configuration.¶

Cloud Manager will no longer support Automation for MongoDB 3.4 clusters after February 10, 2022. Please upgrade your MongoDB deployment or migrate to Atlas.

Configure and Deploy Auditing¶

Prerequisites¶

Procedure¶

Click Deployment, then Processes.¶

Click Modify next to the MongoDB process for which you want to configure auditing.¶

Click Advanced Configuration Options.¶

Click + Add Option.¶

Select auditLogDestination from the Startup Option menu.¶

Select the desired destination for audit events from the Value menu.¶

(Optional) If you selected file as the audit log destination, repeat step 4 and specify the following additional properties:¶

(Optional) To filter which events are audited, repeat steps 1-4 and add the auditLogFilter property.¶

Click Apply to deploy your auditing configuration.¶

(Optional) If you selected `file` as the audit log destination, repeat step 4 and specify the following additional properties:¶

(Optional) To filter which events are audited, repeat steps 1-4 and add the `auditLogFilter` property.¶