<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 04:58:16 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-41635] MDB native audit only supports 2 error codes</title>
                <link>https://jira.mongodb.org/browse/SERVER-41635</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;MDB native audit only supports the following error codes:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;&lt;tt&gt;13 - &quot;Unauthorized&quot;&lt;/tt&gt;&lt;/li&gt;
	&lt;li&gt;&lt;tt&gt;18 - &quot;AuthenticationFailed&quot;&lt;/tt&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;need to add support for other failures as well.&lt;/p&gt;

&lt;p&gt;in addition the error code doesn&apos;t included in the audit log (we deduce if from MDB code and documentation)&lt;/p&gt;

&lt;p&gt;This issue is relevant to&#160;MDB on-prem and MDB Atlas&lt;/p&gt;</description>
                <environment></environment>
        <key id="796437">SERVER-41635</key>
            <summary>MDB native audit only supports 2 error codes</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="eric.sedor@mongodb.com">Eric Sedor</assignee>
                                    <reporter username="barak.gilboa@imperva.com">barak gilboa</reporter>
                        <labels>
                    </labels>
                <created>Tue, 11 Jun 2019 13:57:15 +0000</created>
                <updated>Thu, 11 Jul 2019 23:03:20 +0000</updated>
                            <resolved>Thu, 11 Jul 2019 23:03:19 +0000</resolved>
                                                                                        <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="2322121" author="eric.sedor" created="Thu, 11 Jul 2019 23:03:20 +0000"  >&lt;p&gt;Thanks again for your suggestion. However, we are going to close this as the audit log is intended to provide primarily authentication/authorization related information.&lt;/p&gt;</comment>
                            <comment id="2289013" author="eric.sedor" created="Tue, 18 Jun 2019 20:33:47 +0000"  >&lt;p&gt;Thanks for clarifying. The result indicated in this example is for the authCheck event prompted by the insert (which was successful independent of the result of the insert itself). The Audit Log is intended for this sort of system level activity, not for providing specific details about the results of CRUD operations.&lt;/p&gt;

&lt;p&gt;For more richly tracking the results of specific operations, we recommend other sources of information such as the &lt;a href=&quot;https://docs.mongodb.com/manual/reference/log-messages/index.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;mongod logs&lt;/a&gt;, using &lt;a href=&quot;https://docs.mongodb.com/manual/changeStreams/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Change Streams&lt;/a&gt;, or &lt;a href=&quot;https://docs.mongodb.com/manual/tutorial/manage-the-database-profiler/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;profiling&lt;/a&gt; via the system.profile collection.&lt;/p&gt;

&lt;p&gt;Does this make sense?&lt;/p&gt;</comment>
                            <comment id="2282785" author="barak.gilboa@imperva.com" created="Thu, 13 Jun 2019 12:35:03 +0000"  >&lt;p&gt;Hi Eric,&lt;/p&gt;

&lt;p&gt;The use case we are interested in is extracting data on events that occurred on the platform.&lt;/p&gt;

&lt;p&gt;We would like to review commands and instructions that happened, if they failed or succeeded, the user which initiated the instructions and other data as well.&lt;/p&gt;

&lt;p&gt;We can see in your doc. that only the following two are supported. -&#160;&lt;a href=&quot;https://docs.mongodb.com/manual/reference/audit-message/#audit-action-details-results&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;link&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Regarding error codes, for instance, when inserting 2 documents with the same ID, error code 11000 is created in the mongo message. this error is not reflected in the native audit log, in oppose to &quot;Unauthorized&quot; and &quot;AuthenticationFailed&quot; errors with are supported.&#160;&lt;/p&gt;

&lt;p&gt;As we see it, every transaction that failed to get executed should be reflected in the audit log under &quot;result :&quot; field.&#160;&lt;/p&gt;

&lt;p&gt;Another issue with &quot;result&quot; is that only code is provided and not error message as well.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;Example of error not appearing in audit:&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: #008200; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;// code placeholder&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;
&lt;p&gt;&lt;em&gt;&lt;b&gt;&lt;ins&gt;command in mongo shell:&lt;/ins&gt;&lt;/b&gt;&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;db.test.insert({&quot;_id&quot; : &quot;1&quot;, &quot;val&quot;:&quot;user&quot;})&lt;/p&gt;

&lt;p&gt;WriteResult({ &quot;nInserted&quot; : 1 })&lt;/p&gt;

&lt;p&gt;db.test.insert({&quot;_id&quot; : &quot;1&quot;, &quot;val&quot;:&quot;user&quot;})&lt;/p&gt;

&lt;p&gt;WriteResult({ &quot;nInserted&quot; : 0, &quot;writeError&quot; : { &lt;b&gt;&lt;font color=&quot;#de350b&quot;&gt;&quot;code&quot; : 11000, &quot;errmsg&quot; : &quot;E11000 duplicate key error collection: admin.test index: &lt;em&gt;id&lt;/em&gt; dup key: { : \&quot;1\&quot; }&quot; } })&lt;/font&gt;&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;&lt;em&gt;&lt;ins&gt;Audit log representing the event:&lt;/ins&gt;&lt;/em&gt;&lt;/b&gt;&lt;/p&gt;


{ &quot;atype&quot; : &quot;authCheck&quot;, &quot;ts&quot; : \{ &quot;$date&quot; : &quot;2019-06-13T15:11:17.116+0300&quot; }
&lt;p&gt;, &quot;local&quot; : { &quot;ip&quot; : &quot;127.0.0.1&quot;, &quot;port&quot; : 27017 }, &quot;remote&quot; : { &quot;ip&quot; : &quot;127.0.0.1&quot;, &quot;port&quot; : 41884 }, &quot;users&quot; : [ { &quot;user&quot; : &quot;siteadmin&quot;, &quot;db&quot; : &quot;admin&quot; } ], &quot;roles&quot; : [ { &quot;role&quot; : &quot;root&quot;, &quot;db&quot; : &quot;admin&quot; }, { &quot;role&quot; : &quot;userAdminAnyDatabase&quot;, &quot;db&quot; : &quot;admin&quot; } ], &quot;param&quot; : { &quot;command&quot; : &quot;insert&quot;, &quot;ns&quot; : &quot;admin.test&quot;, &quot;args&quot; : { &quot;insert&quot; : &quot;test&quot;, &quot;ordered&quot; : true, &quot;lsid&quot; : { &quot;id&quot; : &lt;/p&gt;
{ &quot;$binary&quot; : &quot;BalL5sLBSWG5vzQY/+5Yxg==&quot;, &quot;$type&quot; : &quot;04&quot; }
&lt;p&gt; }, &quot;$db&quot; : &quot;admin&quot;, &quot;documents&quot; : [ { &quot;_id&quot; : &quot;1&quot;, &quot;val&quot; : &quot;user&quot; } ] } }, &lt;font color=&quot;#de350b&quot;&gt;&lt;b&gt;&quot;result&quot; : 0&lt;/b&gt;&lt;/font&gt; }&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;</comment>
                            <comment id="2281777" author="eric.sedor" created="Wed, 12 Jun 2019 19:43:52 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=barak.gilboa%40imperva.com&quot; class=&quot;user-hover&quot; rel=&quot;barak.gilboa@imperva.com&quot;&gt;barak.gilboa@imperva.com&lt;/a&gt;,&lt;/p&gt;

&lt;p&gt;Can you please help us understand and reason about this request by elaborating on your use-case and what purpose the audit log is serving in your system?&lt;/p&gt;

&lt;p&gt;We&apos;d also be interested in some errors you feel you aren&apos;t able to track in either the audit log or the mongod logs.&lt;/p&gt;

&lt;p&gt;Thanks in advance.&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>4.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 12 Jun 2019 19:43:52 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        4 years, 30 weeks, 6 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>eric.sedor@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            4 years, 30 weeks, 6 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>barak.gilboa@imperva.com</customfieldvalue>
            <customfieldvalue>eric.sedor@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hv465j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hutcxj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                    <customfieldvalue><![CDATA[eric.sedor@mongodb.com]]></customfieldvalue>
    

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hv3sev:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>