MarkLogic Server Auditing
MarkLogic Server includes an auditing capability. You can enable auditing to capture security-relevant events to monitor suspicious database activity or to satisfy applicable auditing requirements. You can configure the generation of audit events by including or excluding MarkLogic Server roles, users, or documents based on URI. Some actions that can be audited are the following:
startup and shutdown of MarkLogic Server
adding or removing roles from a user
usage of amps
starting and stopping the auditing system
For the complete list of auditable events and their descriptions, see Auditing Events in Administrating MarkLogic Server.