MongoDB Compliance File Reference

The MongoDB audit includes checks for authentication, user listing, RBAC configuration, version Info, server status, host information, audit and logging info, SSL configuration, service configuration, IP and port configuration, and general MongoDB settings.

Note: MongoDB is a NoSQL database, which means it does not use the SQL query language for accessing the data.

This section includes the following information:

• MongoDB Syntax
• MongoDB Keywords

Scan Permissions

You must have the following scan permissions to run MongoDB audits:

• To run user listing checks, the scan account must have the viewUser action on the target user's database.

• To run role listing checks, the scan account must either be explicitly granted the role being queried, or have the viewRole action on the role's database.