I am working on getting an important integration between MongoDB Atlas and [Microsoft Sentinel (SIEM tool). This helps our enterprise customers mainly on Azure to see MongoDB s logs from the centralised Sentinel dashboard and run queries against them and get alerts/ analytics as they get for other DBs in their data estate.

For the integration to be successful for our customers, they should be able to write queries/ run analytics on the logs. As we dont have the Category and IDs and their schema documented, it makes it difficult for customers to full leverage this integration or any SIEM integration in future. A DOCSP (https://jira.mongodb.org/browse/DOCSP-48951) was also raised.