Return Database Access History for One Cluster using Its Cluster Name

GET /api/atlas/v2/groups/{groupId}/dbAccessHistory/clusters/{clusterName}

Returns the access logs of one cluster identified by the cluster's name. Access logs contain a list of authentication requests made against your cluster. You can't use this feature on tenant-tier clusters (M0, M2, M5). To use this resource, the requesting API Key must have the Project Monitoring Admin role.

Database Access History

Path parameters

groupId string Required

Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.

NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.

Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.
clusterName string Required

Human-readable label that identifies the cluster.

Minimum length is 1, maximum length is 64. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9-]*$.

Query parameters

envelope boolean

Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

Default value is false.
pretty boolean

Flag that indicates whether the response body should be in the prettyprint format.

Default value is false.
authResult boolean

Flag that indicates whether the response returns the successful authentication attempts only.
end integer(int64)

Date and time when to stop retrieving database history. If you specify end, you must also specify start. This parameter uses UNIX epoch time in milliseconds.
ipAddress string

One Internet Protocol address that attempted to authenticate with the database.

Format should match the following pattern: ^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)(\.(?!$)|$)){4}|([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}$.
nLogs integer(int32)

Maximum number of lines from the log to return.

Minimum value is 0, maximum value is 20000. Default value is 20000.
start integer(int64)

Date and time when MongoDB Cloud begins retrieving database history. If you specify start, you must also specify end. This parameter uses UNIX epoch time in milliseconds.

Responses

200 application/vnd.atlas.2023-01-01+json

OK
Hide response attribute Show response attribute object
- accessLogs array[object]
  
  Authentication attempt, one per object, made against the cluster.
  
  Authentication attempt, one per object, made against the cluster.
  
  Hide accessLogs attributes Show accessLogs attributes object
  
  authResult boolean
  
  Flag that indicates whether the response should return successful authentication attempts only.
  
  authSource string
  
  Database against which someone attempted to authenticate.
  
  failureReason string
  
  Reason that the authentication failed. Null if authentication succeeded.
  
  groupId string
  
  Unique 24-hexadecimal character string that identifies the project.
  
  Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.
  
  hostname string
  
  Human-readable label that identifies the hostname of the target node that received the authentication attempt.
  
  ipAddress string
  
  Internet Protocol address that attempted to authenticate with the database.
  
  Format should match the following pattern: ^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)(\.(?!$)|$)){4}|([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}$.
  
  logLine string
  
  Text of the host log concerning the authentication attempt.
  
  timestamp string
  
  Date and time when someone made this authentication attempt. MongoDB Cloud represents this timestamp in ISO 8601 format in UTC.
  
  username string
  
  Username used to authenticate against the database.
400 application/json

Bad Request.
Hide response attributes Show response attributes object
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32)
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
401 application/json

Unauthorized.
Hide response attributes Show response attributes object
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32)
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
500 application/json

Internal Server Error.
Hide response attributes Show response attributes object
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32)
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.

GET /api/atlas/v2/groups/{groupId}/dbAccessHistory/clusters/{clusterName}

atlas api accessTracking listAccessLogsByClusterName --help

import (
	"os"
	"context"
	"log"
	sdk "go.mongodb.org/atlas-sdk/v20230101001/admin"
)

func main() {
	ctx := context.Background()
	clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
	clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")

	// See https://dochub.mongodb.org/core/atlas-go-sdk-oauth
	client, err := sdk.NewClient(sdk.UseOAuthAuth(clientID, clientSecret))

	if err != nil {
		log.Fatalf("Error: %v", err)
	}

	params = &sdk.ListAccessLogsByClusterNameApiParams{}
	sdkResp, httpResp, err := client.AccessTrackingApi.
		ListAccessLogsByClusterNameWithParams(ctx, params).
		Execute()
}

curl --include --header "Authorization: Bearer ${ACCESS_TOKEN}" \
  --header "Accept: application/vnd.atlas.2023-01-01+json" \
  -X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/dbAccessHistory/clusters/{clusterName}?pretty=true"

curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
  --digest --include \
  --header "Accept: application/vnd.atlas.2023-01-01+json" \
  -X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/dbAccessHistory/clusters/{clusterName}?pretty=true"

Response examples (200)

{
  "accessLogs": [
    {
      "authResult": true,
      "authSource": "string",
      "failureReason": "string",
      "groupId": "32b6e34b3d91647abb20e7b8",
      "hostname": "string",
      "ipAddress": "string",
      "logLine": "string",
      "timestamp": "string",
      "username": "string"
    }
  ]
}

Response examples (400)

{
  "error": 400,
  "detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
  "reason": "Bad Request",
  "errorCode": "VALIDATION_ERROR"
}

Response examples (401)

{
  "error": 401,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Unauthorized",
  "errorCode": "NOT_ORG_GROUP_CREATOR"
}

Response examples (500)

{
  "error": 500,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Internal Server Error",
  "errorCode": "UNEXPECTED_ERROR"
}