DocsICP FilingConsole
官方文档
首页

Query audit logs for DAS Enterprise Edition (NoSQL compatible)

更新时间:
复制 MD 格式
产品详情
我的收藏

Query DAS Enterprise Edition (NoSQL Compatible) audit logs to review database operations on your ApsaraDB for MongoDB instance.

Prerequisites

The audit log feature is enabled. For instructions, see Enable audit logging for DAS Enterprise Edition (NoSQL Compatible).

Query audit logs

  1. Log in to the MongoDB console.

  2. In the left-side navigation pane, click Replica Set Instances or Sharded Cluster Instances depending on your instance type.

  3. Find the target instance and click its ID, or click Manage in the Actions column.

  4. In the left-side navigation pane of the instance details page, choose Data Security > Audit Logs.

  5. On the Mongo Audit Log Center page, view the audit log details.

Filter audit logs

Filter audit logs to locate specific entries.

In the filter section of the Mongo Audit Log Center page, set the filter criteria.

The following table describes the filter criteria.

Parameter

Description

Keyword

Filters audit logs by keyword, such as a client IP, command, or username.

  • When you filter by keyword, you must enter the full string. Fuzzy search is not supported. Examples:

    • To filter by a client IP address (IPv4), you must enter the full address in dotted-decimal notation, such as 192.168.1.1. Partial inputs like 192.168 or 1.1 are not supported.

    • To filter by a command, you must enter the full command name, such as AUTH or auth, not au.

  • If your keyword contains a colon (:), enclose the entire keyword in double quotation marks (""), for example, "userId:1".

Operation type

Filters audit logs by operation type.

Client IP

Filters logs by client IP address.

If an ECS instance connects to the ApsaraDB for MongoDB instance over the internet, enter the public IP address of the ECS instance.

If an ECS instance connects to the ApsaraDB for MongoDB instance through a Virtual Private Cloud (VPC), enter the private IP address of the ECS instance.

Database name

Filters logs by database name.

Username

Filters logs by username.

Time range

Specifies the time range to query. The range must be longer than one second.

FAQ

  • Q: Why can I query only 10,000 audit log entries?

    A: The Mongo Audit Log Center page in the ApsaraDB for MongoDB console displays a maximum of 10,000 audit log entries. To retrieve more logs, you can Export the query results.

  • Q: Why are there so few audit log entries?

    A: After you enable audit logging, only the admin and slow operation types are selected by default. To change the audited operation types, see Modify audit logging for DAS Enterprise Edition (NoSQL Compatible).

Related APIs

API

Description

GetDasSQLLogHotData

Queries data from hot storage in DAS Enterprise Edition.

CreateSqlLogTask

Creates an offline task for DAS Enterprise Edition.

DescribeSqlLogTask

Queries the details of a specific offline task for DAS Enterprise Edition.

DescribeSqlLogTasks

Lists the offline tasks for DAS Enterprise Edition.
Previous:Disable the audit log for DAS Enterprise Edition (NoSQL)Next:Modify DAS Enterprise Edition (NoSQL compatible) audit logs