Major - P3 Hello All,
I have requirement to track update information like old values, new values, updated by, timestamp, collection, etc ..
I have enabled the audit for crud operation with parameter as below ....
--auditDestination file --auditFormat JSON --auditPath /data/db/auditLog.json --setParameter auditAuthorizationSuccess=true
old values :
==================
"statusCode" : "NOACTN"
==============
update statement :
MongoDB Enterprise > db.preauth_case.update(
... { "createdByUserId" : -2 },
... {
... $set: {"statusCode" : "Update", }
... }
... )
WriteResult({ "nMatched" : 1, "nUpserted" : 0, "nModified" : 1 })
======================
Audit Trail : ==>
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:19:45.416-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65465 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "test", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:19:45.416-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65506 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "ACMP_DEMO", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:08.977-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 63357 }, "users" : [], "roles" : [], "param" : { "command" : "update", "ns" : "ACMP_DEMO.preauth_case", "args" : { "update" : "preauth_case", "updates" : [ { "q" : { "createdByUserId" : -2 }, "u" : { "$set" : { "statusCode" : "Update" } }, "multi" : false, "upsert" : false } ], "ordered" : true } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:08.998-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 63357 }, "users" : [], "roles" : [], "param" : { "command" : "isMaster", "ns" : "ACMP_DEMO", "args" : { "isMaster" : 1, "forShell" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.423-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65467 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "admin", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.423-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 49201 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "admin", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.423-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65464 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "admin", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.424-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65505 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "admin", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.424-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 49195 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "admin", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.426-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 49202 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "ACMP_DEMO", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.427-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65468 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "ACMP_DEMO", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.428-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65465 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "test", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.428-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 49196 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "ACMP_DEMO", "args" : { "ping" : 1 } }, "result" : 0 }
{ "atype" : "authCheck", "ts" : { "$date" : "2016-12-20T22:20:45.428-0500" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65506 }, "users" : [], "roles" : [], "param" : { "command" : "ping", "ns" : "ACMP_DEMO", "args" : { "ping" : 1 } }, "result" : 0 }
Manually formatted : >
{ "atype" : "authCheck",
"ts" : { "$date" : "2016-12-20T22:20:08.977-0500" },
"local" : { "ip" : "127.0.0.1", "port" : 27017 },
"remote" : { "ip" : "127.0.0.1", "port" : 63357 },
"users" : [],
"roles" : [],
"param" : { "command" : "update", "ns" : "ACMP_DEMO.preauth_case", "args" : { "update" : "preauth_case", "updates" : [ { "q" : { "createdByUserId" : -2 }, "u" : { "$set" : { "statusCode" : "Update" } }, "multi" : false, "upsert" : false } ], "ordered" : true } },
"result" : 0 }
============
Question Here :
1 > Could be track the old values also from audit trail ?
2 > How could be collected all audit trail important information in a collection.
I would be appreciate if you guys have some input on above query.