From fe8ed39d790cd01d9c3dd95eaec65f4c62c2cf71 Mon Sep 17 00:00:00 2001 From: Allison Moore Date: Thu, 18 Dec 2014 09:45:35 -0500 Subject: [PATCH 1/3] build fixes --- source/includes/note-fips-is-enterprise-only.rst | 2 +- source/includes/options-mongod.yaml | 1 + source/includes/options-mongorestore.yaml | 2 +- source/includes/options-mongotop.yaml | 2 +- source/reference/program/mongoexport.txt | 2 +- source/reference/program/mongos.txt | 2 +- source/release-notes/2.6.txt | 2 +- 7 files changed, 7 insertions(+), 6 deletions(-) diff --git a/source/includes/note-fips-is-enterprise-only.rst b/source/includes/note-fips-is-enterprise-only.rst index fdce6acada5..8e79151f964 100644 --- a/source/includes/note-fips-is-enterprise-only.rst +++ b/source/includes/note-fips-is-enterprise-only.rst @@ -1,4 +1,4 @@ .. note:: FIPS Compatible SSL is available only in `MongoDB Enterprise `_. See - :docs:`/tutorial/configure-fips` for more information. + :doc:`/tutorial/configure-fips` for more information. diff --git a/source/includes/options-mongod.yaml b/source/includes/options-mongod.yaml index d643463ee6b..310d3a0818f 100644 --- a/source/includes/options-mongod.yaml +++ b/source/includes/options-mongod.yaml @@ -1459,6 +1459,7 @@ description: | .. code-block:: javascript { atype: , "param.db": } + .. include:: /includes/note-audit-in-enterprise-only.rst optional: true --- diff --git a/source/includes/options-mongorestore.yaml b/source/includes/options-mongorestore.yaml index deacffe56d3..2189cd7d46f 100644 --- a/source/includes/options-mongorestore.yaml +++ b/source/includes/options-mongorestore.yaml @@ -354,7 +354,7 @@ optional: true --- program: mongorestore name: numParallelCollections -alias: j +alias: -j args: int directive: option description: | diff --git a/source/includes/options-mongotop.yaml b/source/includes/options-mongotop.yaml index 9f9e2f8bd18..b184dea352d 100644 --- a/source/includes/options-mongotop.yaml +++ b/source/includes/options-mongotop.yaml @@ -168,7 +168,7 @@ optional: true --- program: mongotop name: rowcount -alias: n +alias: -n directive: option args: int description: | diff --git a/source/reference/program/mongoexport.txt b/source/reference/program/mongoexport.txt index 0b628877e9a..11a5124391c 100644 --- a/source/reference/program/mongoexport.txt +++ b/source/reference/program/mongoexport.txt @@ -98,7 +98,7 @@ Options .. include:: /includes/option/option-mongoexport-jsonArray.rst -.. include:: /includes/option/optoin-mongoexport-pretty.rst +.. include:: /includes/option/option-mongoexport-pretty.rst .. include:: /includes/option/option-mongoexport-slaveOk.rst diff --git a/source/reference/program/mongos.txt b/source/reference/program/mongos.txt index f828edc5a3d..5c99febf42c 100644 --- a/source/reference/program/mongos.txt +++ b/source/reference/program/mongos.txt @@ -113,7 +113,7 @@ SSL Options .. include:: /includes/option/option-mongos-sslCRLFile.rst -.. include:: /includes/option/option-mongos-sslAllowConnectionsWithoutCertificates.rst +.. include:: /includes/option/option-mongos-sslWeakCertificateValidation.rst .. include:: /includes/option/option-mongos-sslAllowInvalidCertificates.rst diff --git a/source/release-notes/2.6.txt b/source/release-notes/2.6.txt index bf8d28db707..cadeb9358cf 100644 --- a/source/release-notes/2.6.txt +++ b/source/release-notes/2.6.txt @@ -347,7 +347,7 @@ Index Build Enhancements ~~~~~~~~~~~~~~~~~~~~~~~~ - :ref:`Background index build - ` allowed on + ` allowed on secondaries. If you initiate a background index build on a :term:`primary`, the secondaries will replicate the index build in the background. From 3a5b3628036fce093b26027bbbe67c879b0f99c4 Mon Sep 17 00:00:00 2001 From: kay Date: Wed, 3 Dec 2014 20:13:35 -0500 Subject: [PATCH 2/3] DOCS-4308 DOCS-4433 reverts the reverted auditing changes Conflicts: source/includes/options-mongod.yaml source/reference/audit-message.txt source/tutorial/configure-auditing.txt --- source/core/auditing.txt | 20 +- .../fact-audit-filter-single-quotes.rst | 2 + .../fact-audit-filter-yaml-configuration.rst | 3 + source/includes/options-mongod.yaml | 13 +- ...ble-system-event-audit-params-results.yaml | 175 ++++++++++++------ source/reference/audit-message-fields.yaml | 21 ++- source/reference/audit-message.txt | 24 ++- source/tutorial/configure-auditing.txt | 147 ++++++--------- 8 files changed, 236 insertions(+), 169 deletions(-) create mode 100644 source/includes/fact-audit-filter-single-quotes.rst create mode 100644 source/includes/fact-audit-filter-yaml-configuration.rst diff --git a/source/core/auditing.txt b/source/core/auditing.txt index 77a419a4ef8..0e20b6d5cf4 100644 --- a/source/core/auditing.txt +++ b/source/core/auditing.txt @@ -13,29 +13,27 @@ MongoDB Enterprise includes an auditing capability for facility allows administrators and users to track system activity for deployments with multiple users and applications. The auditing facility can write audit events to the console, the :term:`syslog`, a JSON file, -or a BSON file. For details on the audit log messages, see -:doc:`/reference/audit-message`. +or a BSON file. Audit Events and Filter ----------------------- -The auditing system can record the following operations: +To enable auditing for MongoDB Enterprise, see +:doc:`/tutorial/configure-auditing`. + +Once enabled, the auditing system can record the following operations: - schema (DDL), - replica set, - authentication and authorization, and - general operations. -See :ref:`audit-action-details-results` for the specific actions -recorded. +For details on the audit log messages, see +:doc:`/reference/audit-message`. By default, the auditing system records all these operations; however, -you can configure the :option:`--auditFilter` option to restrict the -events captured. - -See :doc:`/tutorial/configure-auditing` to enable and configure -auditing for MongoDB Enterprise. To set up filters, see -:ref:`audit-filter`. +you can :ref:`set up filters ` to restrict the events +captured. To set up filters, see :ref:`audit-filter`. Audit Guarantee --------------- diff --git a/source/includes/fact-audit-filter-single-quotes.rst b/source/includes/fact-audit-filter-single-quotes.rst new file mode 100644 index 00000000000..593e560601a --- /dev/null +++ b/source/includes/fact-audit-filter-single-quotes.rst @@ -0,0 +1,2 @@ +To specify an audit filter, enclose the filter document in single +quotes to pass the document as a string. diff --git a/source/includes/fact-audit-filter-yaml-configuration.rst b/source/includes/fact-audit-filter-yaml-configuration.rst new file mode 100644 index 00000000000..171e8416899 --- /dev/null +++ b/source/includes/fact-audit-filter-yaml-configuration.rst @@ -0,0 +1,3 @@ +To specify the audit filter in a :doc:`configuration file +`, you must use the YAML format of +the configuration file. diff --git a/source/includes/options-mongod.yaml b/source/includes/options-mongod.yaml index 310d3a0818f..71314470d06 100644 --- a/source/includes/options-mongod.yaml +++ b/source/includes/options-mongod.yaml @@ -1451,12 +1451,17 @@ description: | .. code-block:: javascript - { atype: } + { : , ... } - For authentication operations, the option can also take a document of - the form: + The ```` can be :doc:`any field in the audit message + `, including fields returned in the + :ref:`param ` document. The + ```` is a :ref:`query condition expression + `. - .. code-block:: javascript + .. include:: /includes/fact-audit-filter-single-quotes.rst + + .. include:: /includes/fact-audit-filter-yaml-configuration.rst { atype: , "param.db": } diff --git a/source/includes/table-system-event-audit-params-results.yaml b/source/includes/table-system-event-audit-params-results.yaml index 4c388e883f5..1860886b88b 100644 --- a/source/includes/table-system-event-audit-params-results.yaml +++ b/source/includes/table-system-event-audit-params-results.yaml @@ -36,7 +36,7 @@ rows: # table metadata, as meta. section: meta h_action: "``atype``" -h_params: "``params``" +h_params: "``param``" h_result: "``result``" --- # table content, as content. @@ -74,7 +74,7 @@ atype_removeShard: ":authaction:`removeShard`" atype_shardCollection: ":authaction:`shardCollection`" params_authenticate: | - .. code-block:: javascript + .. code-block:: none { user: , @@ -90,7 +90,7 @@ results_authenticate: | params_authCheck: | - .. code-block:: javascript + .. code-block:: none { command: , @@ -114,7 +114,7 @@ results_authCheck: | params_createIndex: | - .. code-block:: javascript + .. code-block:: none { ns: ., @@ -124,13 +124,13 @@ params_createIndex: | params_createDatabase: | - .. code-block:: javascript + .. code-block:: none { ns: } params_createCollection: | - .. code-block:: javascript + .. code-block:: none { ns: . } @@ -145,7 +145,7 @@ params_renameCollection: | params_dropIndex: | - .. code-block:: javascript + .. code-block:: none { ns: ., @@ -154,32 +154,38 @@ params_dropIndex: | params_dropDatabase: | - .. code-block:: javascript + .. code-block:: none { ns: } params_dropCollection: | - .. code-block:: javascript + .. code-block:: none { ns: . } params_createUser: | - .. code-block:: javascript + .. code-block:: none { user: , db: , customData: , - roles: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ] } The ``customData`` field is optional. params_dropUser: | - .. code-block:: javascript + .. code-block:: none { user: , @@ -188,81 +194,121 @@ params_dropUser: | params_dropAllUsersFromDatabase: | - .. code-block:: javascript + .. code-block:: none { db: } params_updateUser: | - .. code-block:: javascript + .. code-block:: none { user: , db: , passwordChanged: , customData: , - roles: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ] } The ``customData`` field is optional. params_grantRolesToUser: | - .. code-block:: javascript + .. code-block:: none { user: , db: , - roles: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ] } params_revokeRolesFromUser: | - .. code-block:: javascript + .. code-block:: none { user: , db: , - roles: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ] } params_createRole: | - .. code-block:: javascript + .. code-block:: none { role: , db: , - roles: [ , ... ], - privileges: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ], + privileges: [ + { + resource: , + actions: [ , ... ] + }, + ... + ] } - Either ``roles`` or the ``privileges`` field can be optional. + The ``roles`` and the ``privileges`` fields are optional. - The ``roles`` array contains role documents. See :ref:`audit-message-role`. - - The ``privileges`` array contains privilege documents. See :ref:`audit-message-privilege`. + For details on the resource document, see :ref:`resource-document`. + For a list of actions, see :ref:`security-user-actions`. params_updateRole: | - .. code-block:: javascript + .. code-block:: none { role: , db: , - roles: [ , ... ], - privileges: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ], + privileges: [ + { + resource: , + actions: [ , ... ] + }, + ... + ] } - Either ``roles`` or the ``privileges`` field can be optional. + The ``roles`` and the ``privileges`` fields are optional. - The ``roles`` array contains role documents. See :ref:`audit-message-role`. - - The ``privileges`` array contains privilege documents. See :ref:`audit-message-privilege`. + For details on the resource document, see :ref:`resource-document`. + For a list of actions, see :ref:`security-user-actions`. params_dropRole: | - .. code-block:: javascript + .. code-block:: none { role: , @@ -271,57 +317,83 @@ params_dropRole: | params_dropAllRolesFromDatabase: | - .. code-block:: javascript + .. code-block:: none { db: } params_grantRolesToRole: | - .. code-block:: javascript + .. code-block:: none { role: , db: , - roles: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ] } params_revokeRolesFromRole: | - .. code-block:: javascript + .. code-block:: none { role: , db: , - roles: [ , ... ] + roles: [ + { + role: , + db: + }, + ... + ] } params_grantPrivilegesToRole: | - .. code-block:: javascript + .. code-block:: none { role: , db: , - privileges: [ , ... ] + privileges: [ + { + resource: , + actions: [ , ... ] + }, + ... + ] } - The ``privileges`` array contains privilege documents. See :ref:`audit-message-privilege`. + For details on the resource document, see :ref:`resource-document`. + For a list of actions, see :ref:`security-user-actions`. params_revokePrivilegesFromRole: | - .. code-block:: javascript + .. code-block:: none { role: , db: , - privileges: [ , ... ] + privileges: [ + { + resource: , + actions: [ , ... ] + }, + ... + ] } - The ``privileges`` array contains privilege documents. See :ref:`audit-message-privilege`. + For details on the resource document, see :ref:`resource-document`. + For a list of actions, see :ref:`security-user-actions`. params_shutdown: | - .. code-block:: javascript + .. code-block:: none { } @@ -342,7 +414,7 @@ params_replSetReconfig: | params_applicationMessage: | - .. code-block:: javascript + .. code-block:: none { msg: } @@ -350,13 +422,13 @@ params_applicationMessage: | params_enableSharding: | - .. code-block:: javascript + .. code-block:: none { ns: } params_addShard: | - .. code-block:: javascript + .. code-block:: none { shard: , @@ -369,13 +441,13 @@ params_addShard: | params_removeShard: | - .. code-block:: javascript + .. code-block:: none { shard: } params_shardCollection: | - .. code-block:: javascript + .. code-block:: none { ns: ., @@ -383,6 +455,5 @@ params_shardCollection: | options: { unique: } } - The ``roles`` array contains role documents. See :ref:`audit-message-role`." results_0: "``0`` - Success" ... diff --git a/source/reference/audit-message-fields.yaml b/source/reference/audit-message-fields.yaml index 97a4a120ef2..47332d5c3a1 100644 --- a/source/reference/audit-message-fields.yaml +++ b/source/reference/audit-message-fields.yaml @@ -71,9 +71,24 @@ object: field: optional: false type: field -name: params -type: document +name: roles +type: array position: 6 +description: | + Array of documents that specify the :doc:`roles + ` granted to the user. Each document contains a + ``role`` field for the name of the role and a ``db`` field for the + database associated with the role. +--- +object: + name: audit + type: message +field: + optional: false + type: field +name: param +type: document +position: 7 description: | Specific details for the event. See :ref:`audit-action-details-results`. --- @@ -85,7 +100,7 @@ field: type: field name: result type: integer -position: 7 +position: 8 description: | Error code. See :ref:`audit-action-details-results`. ... diff --git a/source/reference/audit-message.txt b/source/reference/audit-message.txt index 6d26f2efa78..4d66274de89 100644 --- a/source/reference/audit-message.txt +++ b/source/reference/audit-message.txt @@ -6,9 +6,16 @@ System Event Audit Messages .. include:: /includes/note-audit-in-enterprise-only.rst -The :doc:`event auditing feature ` can record -events in JSON format. The recorded JSON messages have the following -syntax: +.. _audit-message-format: + +Audit Message +------------- + +The :doc:`event auditing feature ` can record events in +JSON format. To configure auditing output, see +:doc:`/tutorial/configure-auditing` + +The recorded JSON messages have the following syntax: .. code-block:: none @@ -17,8 +24,9 @@ syntax: ts : { "$date": }, local: { ip: , port: }, remote: { ip: , port: }, - users : [ { user: , db: String> }, ... ], - params: , + users : [ { user: , db: }, ... ], + roles: [ { role: , db: }, ... ], + param: , result: } @@ -30,10 +38,6 @@ Audit Event Actions, Details, and Results ----------------------------------------- The following table lists for each ``atype`` or action type, the -associated ``params`` details and the ``result`` values, if any. +associated ``param`` details and the ``result`` values, if any. .. include:: /includes/table/system-event-audit-params-results.rst - -.. [#performance] - - .. include:: /includes/fact-auditAuthorizationSuccess-performance-impact.rst diff --git a/source/tutorial/configure-auditing.txt b/source/tutorial/configure-auditing.txt index c4bf364eaf6..372255fdc3f 100644 --- a/source/tutorial/configure-auditing.txt +++ b/source/tutorial/configure-auditing.txt @@ -41,10 +41,12 @@ is unavailable on Windows) in JSON format, specify ``syslog`` for the You may also specify these options in the :doc:`configuration file `: -.. code-block:: none +.. code-block:: yaml - dbpath=data/db - auditDestination=syslog + storage: + dbPath: data/db + auditLog: + destination: syslog Output to Console ~~~~~~~~~~~~~~~~~ @@ -60,10 +62,12 @@ output (i.e. ``stdout``), specify ``console`` for the You may also specify these options in the :doc:`configuration file `: -.. code-block:: none +.. code-block:: yaml - dbpath=data/db - auditDestination=console + storage: + dbPath: data/db + auditLog: + destination: console Output to JSON File ~~~~~~~~~~~~~~~~~~~ @@ -86,12 +90,14 @@ The audit file rotates at the same time as the server log file. You may also specify these options in the :doc:`configuration file `: -.. code-block:: none +.. code-block:: yaml - dbpath=data/db - auditDestination=file - auditFormat=JSON - auditPath=data/db/auditLog.json + storage: + dbPath: data/db + auditLog: + destination: file + format: JSON + path: data/db/auditLog.json .. note:: Printing audit events to a file in JSON format degrades server performance more than printing to a file in BSON format. @@ -116,12 +122,14 @@ The audit file rotates at the same time as the server log file. You may also specify these options in the :doc:`configuration file `: -.. code-block:: none +.. code-block:: yaml - dbpath=data/db - auditDestination=file - auditFormat=BSON - auditPath=data/db/auditLog.bson + storage: + dbPath: data/db + auditLog: + destination: file + format: BSON + path: data/db/auditLog.bson To view the contents of the file, pass the file to the MongoDB utility :program:`bsondump`. For example, the following converts the audit log @@ -136,6 +144,7 @@ into a human-readable form and output to the terminal: Filter Events ------------- +<<<<<<< HEAD By default, the audit facility records all auditable operations as detailed in :ref:`audit-action-details-results`. The audit feature has an :option:`--auditFilter` option to determine which events to record. @@ -145,55 +154,55 @@ query document of the form: .. code-block:: javascript - { atype: } - -The ```` is a :ref:`query condition expression -` to match on :ref:`various actions -` . - -Filter for a Single Operation Type ----------------------------------- - -- The ```` can be :doc:`any field in the audit message - `, including fields returned in the - :ref:`param ` document. + { : , ... } -- The ```` is a :ref:`query condition expression - `. +The ```` can be :doc:`any field in the audit message +`, including fields returned in the +:ref:`param ` document. The +```` is a :ref:`query condition expression +`. .. include:: /includes/fact-audit-filter-single-quotes.rst + .. include:: /includes/fact-audit-filter-yaml-configuration.rst Filter for Multiple Operation Types ------------------------------------ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -To match on multiple operations, use the :operator:`$in` operator in -the ```` as in the following: +The following example uses the filter ``{ atype: { $in: [ +"createCollection", "dropCollection" ] } }`` to audit only the +:authaction:`createCollection` and :authaction:`dropCollection` actions. -.. tip:: - To specify the filter as a command-line option, enclose the filter document - in single quotes to pass the document as a string. +.. include:: /includes/fact-audit-filter-single-quotes.rst .. code-block:: javascript mongod --dbpath data/db --auditDestination file --auditFilter '{ atype: { $in: [ "createCollection", "dropCollection" ] } }' --auditFormat JSON --auditPath data/db/auditLog.json -Filter on Authentication Operations on a Single Database --------------------------------------------------------- +.. include:: /includes/fact-audit-filter-yaml-configuration.rst -For authentication operations, you can also specify a specific -database with the ``param.db`` field: +.. code-block:: yaml -.. code-block:: javascript + storage: + dbPath: data/db + auditLog: + destination: file + format: JSON + path: data/db/auditLog.json + filter: '{ atype: { $in: [ "createCollection", "dropCollection" ] } }' + +Filter on Authentication Operations on a Single Database +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - { atype: , "param.db": } +The ```` can include :doc:`any field in the audit message +`. For authentication operations, the audit +messages include a ``db`` field in the ``param`` document. -For example, to audit only ``authenticate`` operations that occur -against the ``test`` database, use the filter ``{ atype: -"authenticate", "param.db": "test" }``: +The following example uses the filter ``{ atype: "authenticate", +"param.db": "test" }`` to audit only the ``authenticate`` operations +that occur against the ``test`` database. -.. tip:: To specify the filter as a command-line option, enclose the - filter document in single quotes to pass the document as a string. +.. include:: /includes/fact-audit-filter-single-quotes.rst .. code-block:: javascript @@ -205,8 +214,6 @@ against the ``test`` database, use the filter ``{ atype: storage: dbPath: data/db - security: - authorization: enabled auditLog: destination: file format: JSON @@ -222,7 +229,7 @@ Filter by Authorization Role The following example uses the filter ``{ roles: { role: "readWrite", db: "test" } }`` to only audit operations for users with :authrole:`readWrite` role on the ``test`` database. This includes -users with roles that inherit from :authrole:`readWrite`. +users whose roles inherits from :authrole:`readWrite`. .. include:: /includes/fact-audit-filter-single-quotes.rst @@ -236,47 +243,9 @@ users with roles that inherit from :authrole:`readWrite`. storage: dbPath: data/db - security: - authorization: enabled - auditLog: - destination: file - format: JSON - path: data/db/auditLog.json - filter: '{ roles: { role: "readWrite", db: "test" } }' - -Filter by ``insert`` and ``remove`` Operations -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -To capture :authaction:`read` and :authaction:`write` operations in the -audit, you must also enable the audit system to log authorization -successes using the :parameter:`auditAuthorizationSuccess` parameter. -[#authorization-agnostic]_ -.. note:: - - .. include:: /includes/fact-auditAuthorizationSuccess-performance-impact.rst - -.. include:: /includes/fact-audit-filter-single-quotes.rst - -.. code-block:: javascript - - mongod --dbpath data/db --auth --setParameter auditAuthorizationSuccess=true --auditDestination file --auditFilter '{ atype: "authCheck", "param.command": { $in: [ "insert", "delete" ] } }' --auditFormat JSON --auditPath data/db/auditLog.json - -.. include:: /includes/fact-audit-filter-yaml-configuration.rst - -.. code-block:: yaml - - storage: - dbPath: data/db - security: - authorization: enabled auditLog: destination: file format: JSON path: data/db/auditLog.json - filter: '{ atype: "authCheck", "param.command": { $in: [ "insert", "delete" ] } }' - setParameter: { auditAuthorizationSuccess: true } - -.. [#authorization-agnostic] You can enable :parameter:`auditAuthorizationSuccess` - parameter without enabling ``--auth``; however, all operations will - return success for authorization checks. + filter: '{ roles: { role: "readWrite", db: "test" } }' From ec4feca9a6c06b7902ba91dad0d2de79557fe162 Mon Sep 17 00:00:00 2001 From: Allison Moore Date: Thu, 18 Dec 2014 13:34:04 -0500 Subject: [PATCH 3/3] fixing build sadnesses --- source/includes/options-mongod.yaml | 3 ++- source/includes/options-mongorestore.yaml | 2 +- source/includes/options-mongotop.yaml | 2 +- .../includes/table-system-event-audit-params-results.yaml | 2 +- source/reference/command/serverStatus.txt | 6 +++--- .../reference/method/db.createCollection-options-param.yaml | 4 +++- source/reference/method/db.getLogComponents.txt | 2 +- source/reference/replica-configuration.txt | 1 + source/tutorial/analyze-query-plan.txt | 2 +- 9 files changed, 14 insertions(+), 10 deletions(-) diff --git a/source/includes/options-mongod.yaml b/source/includes/options-mongod.yaml index 71314470d06..e8c89daecb8 100644 --- a/source/includes/options-mongod.yaml +++ b/source/includes/options-mongod.yaml @@ -1463,9 +1463,10 @@ description: | .. include:: /includes/fact-audit-filter-yaml-configuration.rst - { atype: , "param.db": } + { atype: , "param.db": } .. include:: /includes/note-audit-in-enterprise-only.rst + optional: true --- program: mongod diff --git a/source/includes/options-mongorestore.yaml b/source/includes/options-mongorestore.yaml index 2189cd7d46f..b3dce671b74 100644 --- a/source/includes/options-mongorestore.yaml +++ b/source/includes/options-mongorestore.yaml @@ -354,7 +354,7 @@ optional: true --- program: mongorestore name: numParallelCollections -alias: -j +aliases: -j args: int directive: option description: | diff --git a/source/includes/options-mongotop.yaml b/source/includes/options-mongotop.yaml index b184dea352d..b4158be46ce 100644 --- a/source/includes/options-mongotop.yaml +++ b/source/includes/options-mongotop.yaml @@ -168,7 +168,7 @@ optional: true --- program: mongotop name: rowcount -alias: -n +aliases: -n directive: option args: int description: | diff --git a/source/includes/table-system-event-audit-params-results.yaml b/source/includes/table-system-event-audit-params-results.yaml index 1860886b88b..88819710748 100644 --- a/source/includes/table-system-event-audit-params-results.yaml +++ b/source/includes/table-system-event-audit-params-results.yaml @@ -110,7 +110,7 @@ results_authCheck: | By default, the auditing system logs only the authorization failures. To enable the system to log authorization successes, use - the :parameter:`auditAuthorizationSuccess` parameter. [#performance]_ + the :parameter:`auditAuthorizationSuccess` parameter. params_createIndex: | diff --git a/source/reference/command/serverStatus.txt b/source/reference/command/serverStatus.txt index 7e853fb4b71..8e3d3a8168b 100644 --- a/source/reference/command/serverStatus.txt +++ b/source/reference/command/serverStatus.txt @@ -1126,7 +1126,7 @@ page. .. data:: severStatus.security.SSLServerCertificateExpirationDate - A :ref:`date object ` object that represents + A :ref:`date object ` object that represents the date when the SSL certificate specified by :setting:`net.ssl.PEMKeyPassword` expires. @@ -1510,8 +1510,8 @@ page. .. versionadded:: 2.8.0 - A document that reports on the use of :term:`database - commands`. The fields in :data:`~serverStatus.metrics.commands` are + A document that reports on the use of database + commands. The fields in :data:`~serverStatus.metrics.commands` are the names of :doc:`database commands ` and each value is a document that reports the total number of commands executed as well as the number of failed executions. diff --git a/source/reference/method/db.createCollection-options-param.yaml b/source/reference/method/db.createCollection-options-param.yaml index c39ef2cf609..a93ccd978a0 100644 --- a/source/reference/method/db.createCollection-options-param.yaml +++ b/source/reference/method/db.createCollection-options-param.yaml @@ -72,6 +72,7 @@ type: boolean position: 5 description: | + .. deprecated:: 2.8 For ``mmapv1``, all collections have :collflag:`usePowerOf2Sizes` allocation unless the ``noPadding`` @@ -90,12 +91,12 @@ type: boolean position: 5 description: | + .. versionchanged:: 2.8 For ``mmapv1``, ``noPadding`` flag removes all additional space in the record allocation, so that the allocation does not permit documents to grow after insertion without a new allocation. Defaults to ``false``. Use for insert-only workloads. - ## The description here must start with a blank line to render ## correctly. --- @@ -110,6 +111,7 @@ type: document position: 6 description: | + .. versionadded:: 2.8 Allows users to specify configuration to the storage engine on a diff --git a/source/reference/method/db.getLogComponents.txt b/source/reference/method/db.getLogComponents.txt index db146b33ac0..6a22969ce91 100644 --- a/source/reference/method/db.getLogComponents.txt +++ b/source/reference/method/db.getLogComponents.txt @@ -14,7 +14,7 @@ Definition Returns the current verbosity settings. The verbosity settings determine the amount of :doc:`/reference/log-messages` that MongoDB produces for each :ref:`log message component - `. + `. If a component inherits the verbosity level of its parent, :method:`db.getLogComponents()` displays ``-1`` for the component's diff --git a/source/reference/replica-configuration.txt b/source/reference/replica-configuration.txt index 3c02b9108d5..d4900652292 100644 --- a/source/reference/replica-configuration.txt +++ b/source/reference/replica-configuration.txt @@ -8,6 +8,7 @@ You can access the configuration of a :term:`replica set` using the :method:`rs.conf()` or :dbcommand:`replSetGetConfig`. .. _replica-set-configuration-settings: +.. _replica-set-configuration-document: Example Output -------------- diff --git a/source/tutorial/analyze-query-plan.txt b/source/tutorial/analyze-query-plan.txt index 514ae1effda..bd4c7e2d686 100644 --- a/source/tutorial/analyze-query-plan.txt +++ b/source/tutorial/analyze-query-plan.txt @@ -172,7 +172,7 @@ The :method:`~cursor.explain()` method returns the following results: that MongoDB scanned three index entries. - :data:`executionStats.totalDocsExamined - ` display ``3` to indicate + ` display ``3`` to indicate that MongoDB scanned three documents. When run with an index, the query scanned ``3`` index entries and ``3``