The new audit log feature integrates the features of Log Service with ApsaraDB for MongoDB. The audit log feature allows you to filter log data, analyze logs online, and export logs. This helps you discover security and performance issues of your ApsaraDB for MongoDB instances at your earliest opportunity.

Prerequisites

If you want to enable the new audit log feature as a RAM user, the RAM user must be granted the AliyunLogFullAccess permissions. For more information, see Grant permissions.

Background information

Alibaba Cloud Log Service is an all-in-one service and has been used in big data analytics scenarios. Log Service allows you to collect, consume, ship, search, and analyze log data without the need for extra code resources. This service makes O&M more efficient ApsaraDB for MongoDB integrates the features of Log Service to provide the new audit log feature, which is characterized by stability, ease of use, flexibility, and high efficiency.

This topic describes how to enable the new audit log feature.

Note

  • After the new audit log feature is enabled, the performance of an ApsaraDB for MongoDB instance is slightly compromised.
  • After you enable the new audit log feature, Log Service records operations on ApsaraDB for MongoDB instances in logs to facilitate troubleshooting.

Billing

The trial edition has been available and is free of charge. The official edition will be available soon.
Note In the trial edition, audit logs can be stored for one day with a maximum storage capacity of 100 GB.

Procedure

  1. Log on to the ApsaraDB for MongoDB console.
  2. In the upper-left corner of the page, select the resource group and the region of the target instance.
  3. In the left-side navigation pane, click Replica Set Instances, or Sharded Cluster Instances based on the instance type.
  4. Find the target instance and click its ID.
  5. In the left-side navigation pane, choose Data Security > Audit Logs.
  6. Click Enable Audit Logs.
    Enable Audit Logs
  7. Click OK.

What to do next