By default, when running mongod, only query authorization failures are shown in the log. Those for updates, deletes, inserts etc are not shown unless the logging level is increased.
This appears every time an unauthorized query happens with the default logging level:
2013-10-24T14:52:24.637-0400 [conn2] User Assertion: 13:not authorized for query on test.test 2013-10-24T14:52:24.637-0400 [conn2] assertion 13 not authorized for query on test.test ns:test.test query:{ a: 1.0 } 2013-10-24T14:52:24.637-0400 [conn2] query keyUpdates:0 exception: not authorized for query on test.test code:13 reslen:83 0ms
This does not appear in the log unless logging level is increased with -v:
2013-10-24T14:57:19.007-0400 [conn2] User Assertion: 13:not authorized for update on test.test 2013-10-24T14:57:19.007-0400 [conn2] update test.test keyUpdates:0 exception: not authorized for update on test.test code:13 0ms 2013-10-24T14:57:19.007-0400 [conn2] run command test.$cmd { getlasterror: 1.0, w: 1.0 }
Also, in the shell, the output for a failed query looks different than the output for a failed insert, update, delete, etc:
> db.test.find({a:1}) error: { "$err" : "not authorized for query on test.test", "code" : 13 } > db.test.update({a:1},{a:2}) not authorized for update on test.test > db.test.remove({a:1}) not authorized to remove from test.test