Enable audit logs

Background

Alibaba Cloud Log Service (SLS) is a comprehensive service for log data processing, built on Alibaba Group's extensive big data experience. It enables you to collect, consume, route, query, and analyze log data without writing code, which improves O&M and operational efficiency. ApsaraDB for MongoDB integrates key features of Log Service to offer a stable, user-friendly, flexible, and efficient audit log service.

Prerequisites

• The instance is a general-purpose instance with local disks or a dedicated instance with local disks.

• If you use a RAM user to enable audit logs, you must grant the RAM user the AliyunLogFullAccess permission. For more information, see Grant permissions to a RAM user.

Limitations

• For the free trial edition, audit logs are retained for one day. The maximum shared storage for all instances in the same region is 100 GB.

• Since January 6, 2022, the official edition of the audit log feature has been gradually rolling out across regions, and applications for the free trial edition are no longer accepted. For more information, see [Notice] ApsaraDB for MongoDB launches pay-as-you-go official edition audit logs and ends applications for the free trial edition.

Impacts

• Enabling the free trial edition of the audit log feature has a minor impact on the performance of your ApsaraDB for MongoDB instance.

• After enabling the free trial edition, Log Service records all operations performed on your ApsaraDB for MongoDB instance. These logs can help with future troubleshooting.

Procedure

1. Go to the Replica Set Instances or Sharded Cluster Instances page. In the top navigation bar, select a resource group and a region. Then, click the ID of the target instance.

2. In the left-side navigation pane of the instance details page, choose Data Security > Audit Logs.

3. On the Latest Audit Logs page, for Version, select Free Trial, and then click Activate.

4. In the Enable Audit Logs dialog box, review the information and click Confirm.