Enabling the MongoDB Logging Firehose

This report describes the MongoBleed vulnerability (CVE-2025-14847) and demonstrates how exploitation with the MongoBleed tool generates very high volumes of MongoDB logs. It provides test metrics (16,604 raw log entries reduced to 2,427 aggregated events), example logs from attack activity, and practical recommendations for logging/aggregation strategies to retain security-relevant signal while reducing noise and ingestion costs.