Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-42506

allowing audit log to be send to a log management server instead of a file on the host

XMLWordPrintableJSON

    • Type: Icon: New Feature New Feature
    • Resolution: Unresolved
    • Priority: Icon: Major - P3 Major - P3
    • 4.3 Desired
    • Affects Version/s: None
    • Component/s: Logging, Security
    • None
    • Server Security

      It'll be nice to be able to send the audit log or MongoD log to a server before it's written to a file on the localhost.

      Motivation
      Some customers are concerned about when the MongoD or MongoS process writing the audit log to a file, someone has access to the Linux user as the MongoD or MongoS process i.e all their DBAs can edit or delete the file.
      So theoretically they can do something malicious then delete or amend the audit log to hide the fact that something bad have been done.

      Ideal outcome
      In the --auditDestination option allowing people to specify hostname and port of the log management server, and maybe another two options --auditLogUser and --auditLogPassword if the server needs authentication.

      Thanks
      Jen

            Assignee:
            backlog-server-security [DO NOT USE] Backlog - Security Team
            Reporter:
            jennifer.huang@mongodb.com Jennifer Huang (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated: