[SERVER-11918] Support writing "access granted" messages to audit logs. Created: 02/Dec/13  Updated: 11/Jul/16  Resolved: 06/Mar/14

Status: Closed
Project: Core Server
Component/s: Logging, Security
Affects Version/s: None
Fix Version/s: 2.6.0-rc1

Type: Improvement Priority: Major - P3
Reporter: Andy Schwerin Assignee: Unassigned
Resolution: Done Votes: 2
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to SERVER-12551 Audit DML/CRUD operations Closed
Participants:

 Description   

In the 2.5 and 2.6 series, MongoDB's auditing feature supports writing audit log messages for authCheck failures, but not authCheck successes (access granted conditions). This was done to limit the amount of load that would be placed on the synchronous log writer and filter matcher used by the audit system. It would be nice to be able to log access granted, as well.



 Comments   
Comment by Andy Schwerin [ 06/Mar/14 ]

Author:

{u'username': u'milkie', u'name': u'Eric Milkie', u'email': u'milkie@10gen.com'}

Message: SERVER-12551 experimental switch to turn on access-granted (authz success) auditing
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/5d45e7d87ab30aa6b67aa8fffc10c5934964d4f1

Generated at Thu Feb 08 03:27:06 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.