MongoDB Logs

Overview

Evidence: MongoDB Logs Description: Collect MongoDB Logs Category: Applications Platform: macos Short Name: mngl Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

MongoDB database logs on macOS record database operations, queries, connections, authentication attempts, and errors. These logs vary by installation method including system, Homebrew Intel, and Homebrew Apple Silicon installations.

Data Collected

This collector gathers structured data about mongodb logs.

Collection Method

This collector gathers MongoDB logs from multiple installation locations including system directories and various Homebrew installation paths for both Intel and Apple Silicon Macs.

Forensic Value

MongoDB logs are valuable for investigating database breaches, unauthorized data access, injection attacks, authentication failures, and data exfiltration. They reveal query patterns, connection sources, and database compromise indicators.