TencentDB for MongoDB provides database audit capabilities that record database access and SQL statement execution, helping enterprises control risk and improve data security.
Note:
Enabling audit may cause certain performance losses to the instance.
Prerequisites
The status of the replica set instance or sharded instance of TencentDB for MongoDB is Running.
Directions
2. In the left sidebar, select MongoDB > Database Audit.
3. At the top of the Database Audit page on the right, select Region.
4. In the upper right corner of the audit instance list, select an instance whose Audit Status is Disabled.
5. Click the search box to search for the target instance in the drop-down list by Instance ID, Instance Name, Tag Key, or Tag.
6. Click the target instance name to enter the Audit Log configuration guide.
7. On the Activate Audit Service configuration guide tab, learn about the audit billing instructions.
8. Select I agree to the Tencent Cloud Terms of Service and click Next.
9. On the Configure Audit configuration guide tab, select the audit Log Retention Period, and confirm the required fees next to Storage Fees.
Note:
You can select an audit log retention period of 7 days, 30 days, 3 months, 6 months, 1 year, 3 years, or 5 years. After enabling audit, you can also modify the retention period in the console. For details, see Modifying the Retention Period of Audit Logs. To meet the security compliance requirements for the retention period of audit logs, it is recommended that you select a retention period of 180 days or more.
10. Click Next. On the Audit Rule Settings configuration guide tab, select the audit rule method next to Audit Rule.
11. You can select Full Audit or Rule-Based Audit based on requirements, and the default method is Full Audit.
Full Audit: audits all statements after it is enabled.
Rule-Based Audit: audits database statements based on configured audit items after it is enabled. Audit items that can be configured include SQL type, database name, collection name, client IP address, and username. Separate multiple items with commas, as shown in the figure below.
Note:
Separate multiple database names, collection names, client IP addresses, and usernames with commas.
Up to 5 database names, 5 collection names, 5 client IP addresses, and 5 usernames can be configured.
12. Click Create a Policy. The audit service can be used after it is successfully enabled.
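Before entering a rule-based policy in the console, the planned values can be checked against the limits described above. The following is an added example, not Tencent Cloud code: the field keys (`database`, `collection`, `client_ip`, `user`), the day counts assigned to each retention option, and the assumption that client IP entries are single addresses are all choices made for this illustration.

```python
import ipaddress

MAX_ENTRIES = 5  # per-field limit stated in the note above
LIST_FIELDS = ("database", "collection", "client_ip", "user")  # hypothetical keys
# Console retention options; the day counts are this example's assumption.
RETENTION_DAYS = {"7 days": 7, "30 days": 30, "3 months": 90, "6 months": 180,
                  "1 year": 365, "3 years": 1095, "5 years": 1825}
RECOMMENDED_MIN_DAYS = 180


def split_items(raw):
    """Split a comma-separated console field, dropping blanks and whitespace."""
    return [item.strip() for item in raw.split(",") if item.strip()]


def lint_policy(policy):
    """Return a list of findings for a planned rule-based audit policy."""
    findings = []
    retention = policy.get("retention", "")
    if retention not in RETENTION_DAYS:
        findings.append(f"retention: {retention!r} is not a console option")
    elif RETENTION_DAYS[retention] < RECOMMENDED_MIN_DAYS:
        findings.append(f"retention: {retention} is below the recommended 180 days")
    for field in LIST_FIELDS:
        items = split_items(policy.get(field, ""))
        if len(items) > MAX_ENTRIES:
            findings.append(f"{field}: {len(items)} entries, limit is {MAX_ENTRIES}")
        if len(set(items)) != len(items):
            findings.append(f"{field}: duplicate entries")
        if field == "client_ip":
            for item in items:
                try:
                    ipaddress.ip_address(item)  # assumes single addresses, not ranges
                except ValueError:
                    findings.append(f"client_ip: {item!r} is not a valid IP address")
    return findings


# Constructed sample policy, not taken from a real instance.
SAMPLE = {
    "retention": "30 days",
    "database": "orders, billing, orders",
    "collection": "c1,c2,c3,c4,c5,c6",
    "client_ip": "10.0.0.5, 10.0.0.300",
    "user": "app_rw, ",
}

if __name__ == "__main__":
    for finding in lint_policy(SAMPLE):
        print(finding)
```

An empty result means the planned values fit the documented limits; it does not confirm that the console will accept them.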
More Operations
After enabling the audit service, you can analyze database audit logs at any time to perform risk control. For detailed operations, see Viewing Audit Logs.
As business scenarios change, audit rules need to be adjusted promptly to keep database regulation efficient, accurate, and compliant. For detailed operations, see Modifying Audit Rules.