In the ApsaraDB for MongoDB console, you can view audit logs in a specified time range
and filter audit logs that match various conditions.
Background information
You can query audit logs for detailed insight when you want to view database request
records, discover the cause for sudden increases in resource consumption, or find
records of modify and delete operations on data.
View audit logs
- Log on to the ApsaraDB for MongoDB console.
- In the upper-left corner of the page, select the resource group and the region of
the target instance.
- In the left-side navigation pane, click Replica Set Instances or Sharded Cluster Instances based on the instance type.
- Find the target instance and click its ID.
- In the left-side navigation pane of the Instance page, choose .
- On the Mongo audit log center page that appears, view audit log details of the ApsaraDB for MongoDB instance.
Filter audit logs
You can define different conditions to filter audit logs.
- Log on to the ApsaraDB for MongoDB console.
- In the upper-left corner of the page, select the resource group and the region of
the target instance.
- In the left-side navigation pane, click Replica Set Instances or Sharded Cluster Instances based on the instance type.
- Find the target instance and click its ID.
- In the left-side navigation pane of the Instance page, choose .
- On the Mongo audit log center page that appears, define conditions to filter audit logs.

Table 1. Filter conditions
Filter condition |
Description |
Keyword |
Filters audit logs by keywords such as the client IP address, executed commands, accounts,
and extended information.
Note
- The Keyword filed supports exact match, so you must enter complete information.
- For example, you must enter a complete IP address such as 192.168.1.1, instead of
192.168 or 1.1.
- You must enter a complete command such as AUTH or auth, instead of au.
- You must enclose keywords that contain colons within double quotation marks (""),
such as "userId:1".
|
Operation Type |
Filters audit logs by operation type. Operation types include:
- query
- find
- insert
- update
- delete
- remove
- getMore: the read operation
- command: the protocol command such as the aggregate method
|
Client IP Address |
The client IP address used to connect the ApsaraDB for MongoDB instance. |
Database Name |
The name of the ApsaraDB for MongoDB database. |
Set Name |
The name of the ApsaraDB for MongoDB instance set. |
Username |
The account used to log on to the ApsaraDB for MongoDB instance. |
View audit logs within a specified time range
You can view slow query logs within a specified time range by using the time picker.
- Log on to the ApsaraDB for MongoDB console.
- In the upper-left corner of the page, select the resource group and the region of
the target instance.
- In the left-side navigation pane, click Replica Set Instances or Sharded Cluster Instances based on the instance type.
- Find the target instance and click its ID.
- In the left-side navigation pane of the Instance page, choose .
- On the Mongo audit log center page that appears, click Please Select.
- Specify the time range in the time picker.

Table 2. Time picker sections
No. |
Section |
Description |
1 |
Time |
Information about the time range is displayed in this section when you move the pointer
over a relative time or a time frame.
|
2 |
Relative |
A time period relative to the current point in time. Information about the time range
is displayed in the Time section when you move the pointer over any element in this
section.
|
2 |
Time Frame |
A time frame period that is more than one minute. Information about the time range
is displayed in the Time section when you move the pointer over any element in this
section.
|
4 |
Custom |
A custom time period. Specify a time period and click OK to confirm the time period.
|
FAQ
- I can only view 2,000 audit log entries in total. Where can I view the others?
The Audit Logs page on the ApsaraDB for MongoDB console displays up to 2,000 audit
log entries. To view more audit log entries, you must log on to the Log Service console.
For more information, see Query logs.
- Where can I view old audit log documentation?
See Configure audit logging for an ApsaraDB for MongoDB instance.