On this page本页内容
getAuditConfig
New in version 5.0.在版本5.0中新增。
getAuditConfig is an administrative command that retrieves audit configurations from 是一个从mongod and mongos server instances.mongod和mongos服务器实例检索审计配置的管理命令。
Use the 使用db.adminCommand( { command } ) method to run getAuditConfig against the admin database.db.adminCommand( { command } )方法对admin数据库运行getAuditConfig。
db.adminCommand( { getAuditConfig: 1 } )
Auditing must be enabled in order to use 必须启用审核才能使用getAuditConfig.getAuditConfig。
Nodes that are not participating in a runtime audit configuration return their current configuration file settings for 未参与运行时审核配置的节点返回auditLog.filter and setParameter.auditAuthorizationSuccess.auditLog.filter和setParameter.auditAuthorizationSuccess的当前配置文件设置。
Nodes that are participating in the runtime audit synthesize their current configuration from memory. 参与运行时审核的节点从内存中合成其当前配置。Configuration updates are distributed via the oplog mechanism which means updates on 配置更新是通过oplog机制分发的,这意味着mongod nodes are distributed to secondary nodes very quickly. mongod节点上的更新会很快分发到次要节点。However, the distribution mechanism is different on 然而,mongos nodes. mongos节点上的分发机制不同。mongos nodes have to poll the primary server at regular intervals for configuration updates. mongos节点必须定期pollprimary服务器以获取配置更新。You may see stale data due to polling delay if you run 如果在主服务器上运行setAuditConfig on the primary server and getAuditConfig on a shard before the shard has polled the primary server for updated configuration details.setAuditConfig并在分片轮询主服务器以获取更新的配置详细信息之前在分片上运行getAuditConfig,则可能会由于轮询延迟而看到过时的数据。
If you are writing automated audit scripts, note that the quoting style and the types used to represent the cluster signature differ between 如果您正在编写自动化审计脚本,请注意mongosh and the legacy mongo shell. mongosh和传统mongoshell之间用于表示集群签名的引用样式和类型有所不同。In 在mongosh the types are Binary and Long. mongosh中,类型为Binary和Long。The corresponding types in the legacy shell are BinData and NumberLong.传统shell中对应的类型是BinData和NumberLong。
// mongosh signature: { hash: Binary(Buffer.from("0000000000000000000000000000000000000000", "hex"), 0), keyId: Long("0") } // mongo "signature" : { "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="), "keyId" : NumberLong(0) }
Run 在getAuditConfig on the admin database .admin数据库上运行getAuditConfig。
db.adminCommand({getAuditConfig: 1})
The example server is configured to audit read and write operations. 示例服务器被配置为审核读写操作。It has a filter which captures the desired operations and the 它有一个捕获所需操作的筛选器,auditAuthorizationSuccess value has been set to true.auditAuthorizationSuccess值已设置为true。
{
generation: ObjectId("60e73e74680a655705f16525"),
filter: {
atype: 'authCheck',
'param.command': {
'$in': [ 'find', 'insert', 'delete', 'update', 'findandmodify' ]
}
},
auditAuthorizationSuccess: true,
ok: 1,
'$clusterTime': {
clusterTime: Timestamp(1, 1625767540),
signature: {
hash: Binary(Buffer.from("0000000000000000000000000000000000000000", "hex"), 0),
keyId: Long("0")
}
},
operationTime: Timestamp(1, 1625767540)
}