5.2 Ensure that audit filters are configured properly

Information

MongoDB Enterprise supports auditing of various operations. When enabled, the audit facility, by default, records all auditable operations as detailed in Audit Event Actions, Details, and Results. To specify which events to record, the audit feature includes the --auditFilter option. This check is only for Enterprise editions.

Rationale:

All operations carried out on the database are logged. This helps in backtracking and tracing any incident that occurs.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Set the audit filters based on the organizations requirements.

Default Value:

Not configured

See Also

https://workbench.cisecurity.org/files/168

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12c.

Plugin: Unix

Control ID: 98f7a3241669f4f94dad91f576436901ee6fa2ea390ac4a25b3fb02db5545e3c