MongoDB Audit Log Missing Failed and Successful Command Execution Flag
When you initially create a database account, this action will be logged in the database audit logs as configured. However, when you attempt to create the account again, a normal error message will be displayed as shown below:
db.createUser( {user: "test111_3",pwd: "emad123",roles: [ { role: "readWrite", db: "admin" } ]})
When examining the audit logs, the two entries are identical in their results, which shouldn't be the case. I think the flag "result" should have a different value when the executed command fails, to distinguish successfully executed commands from failed commands:
{ "atype" : "createUser", "ts" : { "$date" : "2024-08-30T13:04:59.535+03:00" }, "uuid" : { "$binary" : "A1DPqlPsT+u7xH2St9yiug==", "$type" : "04" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65266 }, "users" : [ { "user" : "mongo", "db" : "admin" } ], "roles" : [ { "role" : "root", "db" : "admin" } ], "param" : { "user" : "test1113", "db" : "admin", "roles" : [ { "role" : "readWrite", "db" : "admin" } ] }, "result" : 0 }
{ "atype" : "createUser", "ts" : { "$date" : "2024-08-30T13:06:10.918+03:00" }, "uuid" : { "$binary" : "A1DPqlPsT+u7xH2St9yiug==", "$type" : "04" }, "local" : { "ip" : "127.0.0.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 65266 }, "users" : [ { "user" : "mongo", "db" : "admin" } ], "roles" : [ { "role" : "root", "db" : "admin" } ], "param" : { "user" : "test1113", "db" : "admin", "roles" : [ { "role" : "readWrite", "db" : "admin" } ] }, "result" : 0 }
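One way to tell such entries apart on the analysis side, as an added example that is not part of the original post: replay the audit log in timestamp order and flag any createUser logged with result 0 for an account that an earlier createUser already created and no dropUser has since removed. The sample lines are constructed (modelled on the entries above, trimmed to the fields used), and the function name is hypothetical.

```python
import json
from datetime import datetime

# Constructed sample lines, trimmed to the fields this check reads.
SAMPLE_LOG = """\
{ "atype" : "createUser", "ts" : { "$date" : "2024-08-30T13:04:59.535+03:00" }, "param" : { "user" : "test1113", "db" : "admin" }, "result" : 0 }
{ "atype" : "createUser", "ts" : { "$date" : "2024-08-30T13:06:10.918+03:00" }, "param" : { "user" : "test1113", "db" : "admin" }, "result" : 0 }
{ "atype" : "dropUser", "ts" : { "$date" : "2024-08-30T13:07:00.000+03:00" }, "param" : { "user" : "test1113", "db" : "admin" }, "result" : 0 }
{ "atype" : "createUser", "ts" : { "$date" : "2024-08-30T13:08:00.000+03:00" }, "param" : { "user" : "test1113", "db" : "admin" }, "result" : 0 }
"""


def suspect_create_user_events(log_text):
    """Return createUser events that report result 0 although the audit
    trail shows the same (db, user) account already existed."""
    events = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    # Audit files are normally chronological; sort anyway so merged files work.
    events.sort(key=lambda e: datetime.fromisoformat(e["ts"]["$date"]))

    existing = {}   # (db, user) -> timestamp of the createUser that made it
    suspects = []
    for ev in events:
        if ev.get("result") != 0:
            continue  # already marked as failed, nothing to reconstruct
        param = ev.get("param", {})
        key = (param.get("db"), param.get("user"))
        ts = ev["ts"]["$date"]
        if ev["atype"] == "createUser":
            if key in existing:
                # Second "successful" create of a live account: most likely
                # the rejected duplicate attempt.
                suspects.append({"db": key[0], "user": key[1], "ts": ts,
                                 "first_created": existing[key]})
            else:
                existing[key] = ts
        elif ev["atype"] == "dropUser":
            existing.pop(key, None)  # account removed, a later create is valid
    return suspects


if __name__ == "__main__":
    for s in suspect_create_user_events(SAMPLE_LOG):
        print(f"{s['ts']} createUser {s['db']}.{s['user']} "
              f"already created at {s['first_created']}")
```

The check only sees accounts whose original createUser falls inside the log window being replayed, so accounts created before the retained audit history will not be flagged.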