All Apps and Add-ons

MongoDB Monitoring: I need help with installation of this add-on

fsrodriguez
New Member

I can't find that much information on how to install this add on.
https://github.com/jruaux/mongodb-monitoring

Splunk Server already has the app installed.
I download the .tgz file from https://splunkbase.splunk.com/app/2957/#/details and extracted it in /splunkforwarder/etc/apps but I notice there is not setup.sh script in the folder.

I know I have to configure data inputs for admin, collection stats and database stats. But how is this going to get recognized without installing the add on on the mongo instance?

Thanks in Advance

0 Karma

Azeemering
Builder

I'm not sure what you are trying to do on a forwarder?
You should not install it on the forwarder but in etc/apps directory.

MongoDB Admin
To receive administrative events from MongoDB hosts, enable a mongo_admin data input under Settings > Data Inputs > MongoDB Admin

MongoDB Collection Stats
To fetch collection statistics from MongoDB hosts, enable a mongo_collstats data input under Settings > Data Inputs > MongoDB Collection Stats

MongoDB Database Stats
To fetch database statistics from MongoDB hosts, enable a mongo_db data input under Settings > Data Inputs > MongoDB Database Stats

MongoDB Logs
There are 3 ways to get MongoDB logs into Splunk:

set up a file monitor on the Splunk Universal Forwarder to tail mongod.log on all MongoDB hosts
configure mongod to send logs to Splunk via syslog
configure the MongoDB Monitoring app to collect logs via the MongoDB Client API by adding a data input under Settings > Data Inputs > MongoDB Logs
The MongoDB Monitoring app applies field extractions to the mongod sourcetype. By default the dashboards expect MongoDB logs to reside in the mongodb index with sourcetype mongod. You can change this by modifying the mongo_index and mongo_sourcetype macros under Settings > Advanced search > Search macros.

0 Karma

fsrodriguez
New Member

I have done all the steps mentioned above. I created a monitor for mongod.log When I go to the MongoDB Monitoring dashboard everything is empty. No data is being received form anywhere.

0 Karma

esoterican
New Member

I've also configured the data inputs and made sure that my cluster hosted in Atlas is accessible from my machine. However the Splunk docker images renders the dashboard empty.

Can someone please shed some light on this?

0 Karma
Get Updates on the Splunk Community!

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...

Splunk and Fraud

Watch Now!Watch an insightful webinar where we delve into the innovative approaches to solving fraud using the ...