DOCSP-7100,DOCSP-15012 logRotate also rotates audit log

Author: andf-mongodb

source/reference/command/logRotate.txt

@@ -16,17 +16,18 @@ Definition
 .. dbcommand:: logRotate
 
    The :dbcommand:`logRotate` command is an administrative command that
-   allows you to rotate
-   the MongoDB logs to prevent a single logfile from consuming too
-   much disk space.
+   allows you to rotate the MongoDB logs to prevent a single logfile
+   from consuming too much disk space.
 
-   You must issue the
-   :dbcommand:`logRotate`
-   command against the :term:`admin database` in the form:
+   If :doc:`auditing </core/auditing>` is enabled, the
+   :dbcommand:`logRotate` command also rotates the audit log.
+
+   You must issue the :dbcommand:`logRotate` command against the
+   :term:`admin database` in the form:
 
    .. code-block:: javascript
 
-        { logRotate: 1 }
+      { logRotate: 1 }
 
    .. note::
 
@@ -35,12 +36,14 @@ Definition
 
    You may also rotate the logs by sending a ``SIGUSR1`` signal to the
    :binary:`~bin.mongod` process.
-   If your :binary:`~bin.mongod` has a process ID of 2200, here's how to
-   send the signal on Linux:
+
+   For example, if a running :binary:`~bin.mongod` instance has a
+   process ID (PID) of ``2200``, the following command rotates the log
+   file for that instance on Linux:
 
    .. code-block:: sh
 
-       kill -SIGUSR1 2200
+      kill -SIGUSR1 2200
 
 Behavior
 --------

source/reference/configuration-options.txt

@@ -285,6 +285,12 @@ Core Options
 
      If you specify ``reopen``, you must also set :setting:`systemLog.logAppend` to ``true``.
 
+   If :doc:`auditing </core/auditing>` is enabled, the
+   :dbcommand:`logRotate` command also rotates the audit log according
+   to the above parameters. For example, if
+   :setting:`systemLog.logRotate` is set to ``rename``, the audit log
+   will also be renamed.
+
 
 .. setting:: systemLog.destination
 

source/reference/program/mongod.txt

@@ -431,6 +431,11 @@ Core Options
 
      If you specify ``reopen``, you must also use :option:`--logappend`.
 
+   If :doc:`auditing </core/auditing>` is enabled, the
+   :dbcommand:`logRotate` command also rotates the audit log according
+   to the above parameters. For example, if :option:`--logRotate` is set
+   to ``rename``, the audit log will also be renamed.
+
 
 .. option:: --timeStampFormat <string>
 

source/reference/program/mongos.txt

@@ -317,6 +317,27 @@ Core Options
    existing log and create a new file.
 
 
+.. option:: --logRotate <string>
+
+   *Default*: rename
+
+   Determines the behavior for the :dbcommand:`logRotate` command.
+   Specify either ``rename`` or ``reopen``:
+   
+   - ``rename`` renames the log file.
+   
+   - ``reopen`` closes and reopens the log file following the typical
+     Linux/Unix log rotate behavior. Use ``reopen`` when using the
+     Linux/Unix logrotate utility to avoid log loss.
+   
+     If you specify ``reopen``, you must also use :option:`--logappend`.
+
+   If :doc:`auditing </core/auditing>` is enabled, the
+   :dbcommand:`logRotate` command also rotates the audit log according
+   to the above parameters. For example, if :option:`--logRotate` is set
+   to ``rename``, the audit log will also be renamed.
+
+
 .. option:: --redactClientLogData
 
    .. versionadded:: 3.4 Available in MongoDB Enterprise only.

source/tutorial/configure-auditing.txt

@@ -151,7 +151,10 @@ a file with the relative path name of ``data/db/auditLog.json``:
    in :doc:`/administration/security-checklist` to prevent unauthorized
    access.
 
-The audit file rotates at the same time as the server log file.
+The audit file is :dbcommand:`rotated <logRotate>` at the same time as
+the server log file. Rotation specifics may be configured with the
+:setting:`systemLog.logRotate` configuration file option or the
+:option:`--logRotate <mongod --logRotate>` command-line option.
 
 You may also specify these options in the :doc:`configuration file
 </reference/configuration-options>`:
@@ -207,7 +210,10 @@ a BSON file with the relative path name of ``data/db/auditLog.bson``:
    in :doc:`/administration/security-checklist` to prevent unauthorized
    access.
 
-The audit file rotates at the same time as the server log file.
+The audit file is :dbcommand:`rotated <logRotate>` at the same time as
+the server log file. Rotation specifics may be configured with the
+:setting:`systemLog.logRotate` configuration file option or the
+:option:`--logRotate <mongod --logRotate>` command-line option.
 
 You may also specify these options in the :doc:`configuration file
 </reference/configuration-options>`:

source/tutorial/rotate-log-files.txt

@@ -13,32 +13,31 @@ Rotate Log Files
 Overview
 --------
 
-When used with the ``--logpath`` option or :setting:`systemLog.path` setting,
-:binary:`~bin.mongod` and :binary:`~bin.mongos` instances report
-a live account of all activity and operations to a log file. 
-When reporting activity data to a log file, by default, MongoDB only rotates logs
-in response to the :dbcommand:`logRotate` command, or when the
-:binary:`~bin.mongod` or :binary:`~bin.mongos` process receives a ``SIGUSR1``
-signal from the operating system.
+When used with the ``--logpath`` option or :setting:`systemLog.path`
+setting, :binary:`~bin.mongod` and :binary:`~bin.mongos` instances
+report a live account of all activity and operations to a log file. 
+When reporting activity data to a log file, by default, MongoDB only
+rotates logs in response to the :dbcommand:`logRotate` command, or when
+the :binary:`~bin.mongod` or :binary:`~bin.mongos` process receives a
+``SIGUSR1`` signal from the operating system.
 
 MongoDB's standard log rotation approach archives the current
 log file and starts a new one. To do this, the :binary:`~bin.mongod` or
-:binary:`~bin.mongos` instance renames the current log file by appending a
-UTC timestamp to the filename, in :term:`ISODate` format. It then
+:binary:`~bin.mongos` instance renames the current log file by appending
+a UTC timestamp to the filename, in :term:`ISODate` format. It then
 opens a new log file, closes the old log file, and sends all new log
 entries to the new log file.
 
-You can also configure MongoDB to support the Linux/Unix
-logrotate utility
-by setting :setting:`systemLog.logRotate` or
+You can also configure MongoDB to support the Linux/Unix ``logrotate``
+utility by setting :setting:`systemLog.logRotate` or
 ``--logRotate`` to ``reopen``. With ``reopen``, :binary:`~bin.mongod`
 or :binary:`~bin.mongos` closes the log file, and
 then reopens a log file with the same name, expecting that another
 process renamed the file prior to rotation.
 
 Finally, you can configure :binary:`~bin.mongod` to send log data to the
-``syslog`` using the :option:`--syslog <mongod --syslog>` option. In this case, you can
-take advantage of alternate logrotation tools.
+``syslog`` using the :option:`--syslog <mongod --syslog>` option. In
+this case, you can take advantage of alternate log rotation tools.
 
 .. seealso:: For information on logging, see the
    :ref:`monitoring-standard-loggging` section.
@@ -50,8 +49,8 @@ By default, MongoDB uses the
 ``--logRotate rename`` behavior. 
 With ``rename``, :binary:`~bin.mongod` or
 :binary:`~bin.mongos` renames the current log file by appending a UTC 
-timestamp to the filename, opens a new log file, closes the old log file,
-and sends all new log entries to the new log file.
+timestamp to the filename, opens a new log file, closes the old log
+file, and sends all new log entries to the new log file.
 
 .. include:: /includes/steps/log-rotate-rename.rst
 
@@ -66,8 +65,8 @@ the log file following the typical Linux/Unix log rotate behavior.
 Syslog Log Rotation
 -------------------
 
-With syslog log rotation, :binary:`~bin.mongod` sends log data to the syslog
-rather than writing it to a file.
+With syslog log rotation, :binary:`~bin.mongod` sends log data to the
+syslog rather than writing it to a file.
 
 Starting in version 4.2, MongoDB includes the :ref:`component
 <log-message-components>` in its log messages to ``syslog``.
@@ -78,8 +77,18 @@ Forcing a Log Rotation with ``SIGUSR1``
 ---------------------------------------
 
 For Linux and Unix-based systems, you can use the ``SIGUSR1`` signal
-to rotate the logs for a single process, as in the following:
+to rotate the logs for a single process.
+
+For example, if a running :binary:`~bin.mongod` instance has a
+process ID (PID) of ``2200``, the following command rotates the log
+file for that instance on Linux:
 
 .. code-block:: sh
 
-   kill -SIGUSR1 <mongod process id>
+   kill -SIGUSR1 2200
+
+Interaction with Audit Logs
+---------------------------
+
+If :doc:`auditing </core/auditing>` is enabled, the
+:dbcommand:`logRotate` command also rotates the audit log.