correct way of storing data in mongodb

Question

I have a many json outputs like below. Instead of storing these json as a file, I want to store them into mongodb! I am a new to mongodb and my question is should I store each file as a collection? or should each file be a document? Filenames are unique, and can generally be divided into two main types of file (e.g., x-value.json & y-value.json).

Mapping to mysql, each json file is a row in my mysql database! and columns are values like files_dropped

        {
            "attributes": {
                "analysis_date": 1579287037,
                "command_executions": [
                    "C:\Program Files\Synchronization\rastlsc.exe"
                    
                ],
                "files_dropped": [
                    {
                        "path": "\Program Files\Synchronization\rastls.dll" }
                ],
               
        {
            "attributes": {
                "analysis_date": 1579328273,
                "crypto_algorithms_observed": [
                    "AES"
                ],
                "files_deleted": [
                    "C:\Documents and Settings\nssB.tmp"
                ]
                "has_evtx": false,
                "has_html_report": true
                },
            {
            "attributes": {
                "analysis_date": 1579644008,
                "processes_created": [
                    "C:\DOCUMENT\Installer.exe"
                ]
                
            },
            {
            "attributes": {
                "analysis_date": 1579263621,
                "calls_highlighted": [
                    "SetFileTime"
                ],
                "command_executions": [
                    "C:\Users\<USER>\AppData\Local\Temp\Installer.exe"
                ],
                "has_html_report": true,
                "has_mem": false,
                "last_modification_date": 1579263621,
                "modules_loaded": [
                    "ADVAPI32.dll"]
            }

Answer 1

My sense is that these should be in a single collection. Let's call it info although the name is arbitrary. info will contain many docs in this shape. Notes:

1. _id can be anything; perfectly fine to let the client-side driver make it up upon insert.
2. It looks like analysis_date is a common required field. "Promote" it to root level -- and let's make it a real mongodb datetime type as well.
3. attributes can have essentially any required attributes; this is the power of polymorphism in mongodb.

 {
    _id: 0,
    "analysis_date":   ISODate("2020-01-17T18:50:37Z")
    "attributes": {
                "command_executions": [
                    "C:\Program Files\Synchronization\rastlsc.exe"
                    
                ],
                "files_dropped": [
                    {
                        "path": "\Program Files\Synchronization\rastls.dll" }
                ]
    }
}