Table: mongodbatlas_project_event - Query MongoDB Atlas Project Events using SQL

MongoDB Atlas Project Events are a record of actions and changes made within a project in MongoDB Atlas. These events can include modifications to database configurations, user access changes, and general project activity. It's a crucial resource for auditing and monitoring the activities within a MongoDB Atlas project.

Table Usage Guide

The mongodbatlas_project_event table provides insights into Project Events within MongoDB Atlas. As a Database Administrator or Security Analyst, explore event-specific details through this table, including event types, user details, and timestamps. Utilize it to monitor project activities, track configuration changes, and enhance auditing procedures.

Examples

Basic info

Explore which events are associated with specific users within a project in MongoDB Atlas. This can be useful for auditing purposes or to monitor user activities within a project.

select
  id,
  event_type_name,
  project_id,
  target_username
from
  mongodbatlas_project_event;

select
  id,
  event_type_name,
  project_id,
  target_username
from
  mongodbatlas_project_event;

List all events raised by a specific user

Explore all activities initiated by a specific user within a project. This helps in auditing user actions and understanding their impact on project operations.

select
  id,
  event_type_name
from
  mongodbatlas_project_event
where
  target_username = 'billy@example.com'
order by
  created;

select
  id,
  event_type_name
from
  mongodbatlas_project_event
where
  target_username = 'billy@example.com'
order by
  created;

Check if AWS encryption key needs rotation

Determine if your AWS encryption key requires rotation by identifying if any related events have occurred within the last 24 hours. This allows you to maintain security standards by ensuring encryption keys are updated regularly.

select
  count(id) > 0
from
  mongodbatlas_project_event
where
  event_type_name = 'AWS_ENCRYPTION_KEY_NEEDS_ROTATION'
  and created > (now() - INTERVAL '24 hours');

select
  count(id) > 0
from
  mongodbatlas_project_event
where
  event_type_name = 'AWS_ENCRYPTION_KEY_NEEDS_ROTATION'
  and created > datetime('now', '-24 hours');

Schema for mongodbatlas_project_event

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
alert_config_id	text		Unique identifier for the alert configuration associated to the alertId.
alert_id	text	=	Unique identifier for the alert associated with the event.
api_key_id	text		Unique identifier for the API Key that triggered the event. If this field is present in the response, Atlas does not return the userId field.
collection	text		Name of the collection on which the event occurred. This field can be present when the eventTypeName is either DATA_EXPLORER or DATA_EXPLORER_CRUD.
created	timestamp with time zone	>, >=, =, <, <=	UTC date when the event occurred.
current_value	jsonb		Describes the value of the metricName at the time of the event.
database	text		Name of the database on which the event occurred. This field can be present when the eventTypeName is either DATA_EXPLORER or DATA_EXPLORER_CRUD.
event_type_name	text		Human-readable label that indicates the type of event.
hostname	text		The hostname of the Atlas host machine associated to the event.
id	text		Unique identifier for the event.
invoice_id	text		The unique identifier of the invoice associated to the event.
is_global_admin	boolean		Indicates whether the user who triggered the event is a MongoDB employee.
links	jsonb		One or more uniform resource locators that link to sub-resources and/or related resources. The Web Linking Specification explains the relation-types between URLs.
metric_name	text		The name of the metric associated to the alertId.
op_type	text		Type of operation that occurred. This field is present when the eventTypeName is either DATA_EXPLORER or DATA_EXPLORER_CRUD.
org_id	text		The unique identifier for the organization in which the event occurred.
organization_id	text	=, !=, ~~, ~~, !~~, !~~	Unique identifier for the organization.
payment_id	text		The unique identifier of the invoice payment associated to the event.
port	bigint		The port on which the mongod or mongos listens.
project_id	text	=	The unique identifier for the project in which the event occurred.
public_key	text		Public key associated with the API Key that triggered the event. If this field is present in the response, Atlas does not return the 'username' field.
remote_address	text		IP address of the userId Atlas user who triggered the event.
replica_set_name	text		The name of the replica set associated to the event.
shard_name	text		The name of the shard associated to the event.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
target_public_key	text		The public key of the API Key targeted by the event.
target_username	text		The username for the Atlas user targeted by the event.
team_id	text		The unique identifier for the Atlas team associated to the event.
title	text		Title of the resource.
user_id	text		The unique identifier for the Atlas user who triggered the event. If this field is present in the response, Atlas does not return the apiKeyId field.
username	text		The username for the Atlas user who triggered the event. If this field is present in the response, Atlas does not return the publicKey field.
whitelist_entry	text		The white list entry of the API Key targeted by the event.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- mongodbatlas

You can pass the configuration to the command with the --config argument:

steampipe_export_mongodbatlas --config '<your_config>' mongodbatlas_project_event