Updates auditing and logging page with Ian's changes (#58)

Author: sarahsimpers

source/auditing-logging.txt

@@ -37,45 +37,48 @@ multiple users. As a |service| administrator, you can:
   - source IP addresses
   - timestamps for successful and failed attempts
 
-- Configure a JSON-formatted audit filter to customize MongoDB auditing
+- :atlas:`Configure a JSON-formatted audit filter 
+  </database-auditing/#configure-a-custom-auditing-filter>` to
+  customize MongoDB auditing
   and select the actions, database users, |service| roles, and |ldap| groups
   that you want to audit. If you create a custom audit filter, you can
   skip using the managed {+atlas-ui+} auditing filter builder and configure
-  your own tailored filter of event auditing.
+  your own tailored filter of event auditing. For a full list of
+  events you can configure for auditing, and for a list of examples,
+  see :manual:`MongoDB auditing </core/auditing>` and :atlas:`Example Auditing Filters 
+  </database-auditing/#example-auditing-filters>`.
 
   You can :manual:`configure manual auditing </core/auditing>` of most of the
   documented :manual:`system event actions </reference/audit-message/mongo/>`
   in |service|. Granular MongoDB database auditing allows you to track
   usage of all DDL (Data Definition Language), DML (Data Manipulation Language),
-  and DCL (Data Control Language) commands in detail. For a full list of
-  events you can configure for auditing, and for a list of examples,
-  see :manual:`MongoDB auditing </core/auditing>`. See also
+  and DCL (Data Control Language) commands in detail. See also
   :atlas:`Set up Database Auditing </database-auditing>`.
 
-- :atlas:`Audit the actions of temporary database users </production-notes/#audit-temporary-database-users>`.
-
 .. _accessing-audit-logs:
 
 Accessing Audit Logs
 ````````````````````
 
 .. include:: /includes/cloud-docs/logs.rst
 
-To return and update your audit configuration per project, use the following 
-`Atlas Administration API <https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/>`__ commands:
+To return and update your audit configuration per project, use the following {+atlas-cli+} commands:
 
-- :ref:`atlas-auditing-describe <atlas-auditing-describe>` returns the
+- :ref:`atlas auditing describe <atlas-auditing-describe>` returns the
   auditing configuration for the specified project.
-- :ref:`atlas-auditing-update <atlas-auditing-update>` updates
+- :ref:`atlas auditing update <atlas-auditing-update>` updates
   the auditing configuration for the specified project.
 
 You can :ref:`view authentication attempts <access-tracking>` that users
-make against your {+cluster+}. |service| logs both successful and unsuccessful
+make against your {+cluster+} with the {+atlas-cli+}, 
+{+atlas-admin-api+}, or {+atlas-ui+}. |service| logs both successful and unsuccessful
 authentication attempts, including the timestamp of each attempt and which
 user tried to authenticate.
 
-You can :ref:`view and filter the activity feed <view-activity-feed>`
-for an organization or project.
+You can also :ref:`view and filter the activity feed <view-activity-feed>`
+for an organization or project with the {+atlas-cli+}, 
+{+atlas-admin-api+}, or {+atlas-ui+}. The activity feed lists all
+events at the organization or project level
 
 To perform a full audit, you can use a combination of audit logs,
 the ``mongodb.log``, and :ref:`the project activity feed <view-activity-feed>`.
@@ -89,6 +92,9 @@ To optimize costs, you can disable auditing in lower environments for developmen
 Certain industries, like healthcare and financial services, may opt to keep 
 auditing enabled in development for compliance reasons.
 
+Enabling auditing for all database users, including application
+service users, might affect cluster performance. We recommend that you audit only the actions of users that require auditing.
+
 For staging and production environments, enable auditing for
 additional security. We recommend that you audit the following events at a minimum: