[SERVER-12670] Provide option to stream audit log to a database or external system Created: 10/Feb/14  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Logging, Security
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Rob Young (Inactive) Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 9
Labels: Auditing
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
is duplicated by SERVER-34135 Option to write audit data to a cappe... Closed
is duplicated by SERVER-44566 Save MongoDB Audit history automatica... Closed
Assigned Teams:
Server Security
Participants:
Case:

 Description   

This enhancement removes the coupling between the audit log and the file system, allowing users to define and log it as a stream to a secured collection within a secured database, or to a remote service like Oracle Audit Vault, WORM storage, Splunk, etc.



 Comments   
Comment by Matt Kalan [ 23/Feb/18 ]

I believe Splunk can take syslog as an input so they might be able to do this today. It is worth checking whether this is common for most WORM endpoints. One would think it would be

Generated at Thu Feb 08 03:29:13 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.