Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-42506

allowing audit log to be send to a log management server instead of a file on the host

    XMLWordPrintable

Details

    • New Feature
    • Status: Open
    • Major - P3
    • Resolution: Unresolved
    • None
    • 4.3 Desired
    • Logging, Security
    • None

    Description

      It'll be nice to be able to send the audit log or MongoD log to a server before it's written to a file on the localhost.

      Motivation
      Some customers are concerned about when the MongoD or MongoS process writing the audit log to a file, someone has access to the Linux user as the MongoD or MongoS process i.e all their DBAs can edit or delete the file.
      So theoretically they can do something malicious then delete or amend the audit log to hide the fact that something bad have been done.

      Ideal outcome
      In the --auditDestination option allowing people to specify hostname and port of the log management server, and maybe another two options --auditLogUser and --auditLogPassword if the server needs authentication.

      Thanks
      Jen

      Attachments

        Issue Links

          Activity

            People

              backlog-server-security Backlog - Security Team
              jennifer.huang@mongodb.com Jennifer Huang (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated: