Docs Menu
Docs Home
/ /
MongoDB CLI
/ / /

mongocli ops-manager logs decrypt

On this page

  • Syntax
  • Options
  • Inherited Options
  • Examples

Decrypts an audit log file with the provided local key file or with a server that supports KMIP.

Command Syntax
mongocli ops-manager logs decrypt [options]
Name
Type
Required
Description
-f, --file
string
true
Path to the file that contains encrypted audit logs.
-h, --help
false
help for decrypt
--kmipClientCertificateFile
string
false
Path to the Client Certificate file used to connect to the server that supports Key Management Interoperability Protocol (KMIP).
--kmipClientCertificatePassword
string
false
Password to decrypt the Private Key of the Client Certificate used to connect to the server that supports KMIP.
--kmipPassword
string
false
Password that authenticates the username to the server that supports KMIP.
--kmipServerCAFile
string
false
Path to the CA file used to connect to the server that supports KMIP.
--kmipUsername
string
false
Username for authenticating to the server that supports KMIP.
--localKeyFile
string
false
Path to the file that contains the Key Encryption Key (KEK) that is used to encrypt the Log Encryption Key (LEK).
-o, --out
string
false
Path to the file where MongoCLI will save the contents of the decrypted audit log. If not specified, MongoCLI writes the contents of the decrypted audit log to stdout.
Name
Type
Required
Description
-P, --profile
string
false
Name of the profile to use from your configuration file. To learn about profiles for MongoCLI, see https://dochub.mongodb.org/core/atlas-cli-configuration-file.
#
# For audit logs in BSON format:
mongocli ops-manager logs decrypt --localKeyFile /path/to/keyFile --file /path/to/logFile.bson --out /path/to/file.json
# For audit logs in JSON format:
mongocli ops-manager logs decrypt --localKeyFile /path/to/keyFile --file /path/to/logFile.json --out /path/to/file.json

Back

logs