Performance testing results show a 15% degradation in operation throughput when auditing is enabled, when no operations match the audit filter pattern. This is as compared to a system with access control enabled (--auth) but auditing disabled. It would be preferable to pay a much lower penalty, even at the expense of reduced throughput for operations that do match the filter.
Mongodb cmdline:
./mongod --auth --logpath m1.txt (benchRun patch)
Auth on (1,2,4,8,12,16 threads)
16174.05333 29139.19333 53296.59333 87804.80667 141010.1167 185615.9433
Auth On + audit (non-matching filter, unaudited user)
Mongodb cmdline:
./mongod --dbpath db/ --auth --auditDestination file --auditPath ./auditme --auditFormat BSON --setParameter auditAuthzSuccess=true --auditFilter '{ "users.user" : "foo"}' --logpath m1.txt
Audit On Unaudited 13781.85667 25435.05667 46572.59667 78398.23 121390.8633 157663.3433
Steps to reproduce:
git clone https://github.com/mongodb/mongo-perf
cd mongo-perf
python benchrun.py -f testcases/query.js -u read_me -p thisisnotapassword