Getting Data In

How to ingest MongoDB logs from new servers into splunk?


Hi All,

We have a python code to ingest MongoDB logs into splunk and we are successfully ingesting logs from old servers.

Now there is a requirement to ingest mongodb logs into splunk from new servers.


This is how logs are ingested, now when I try the same for new servers, I get "Invalid Key error"


1) Firewall connectivity is working fine
2) MongoDB team says the password is correct

The password that is used, is that given by splunk team or the mongodb team?

If it is MongoDB team, where they need to check the password and the user id?

internal logs:

02-17-2022 18:45:50.916 +1100 WARN Application - Invalid key in stanza [abc_analytics://XXX-XXX-XXX] in /opt/splunk/etc/deployment-apps/modinput_abc_analytics_mongodb-XXX-XXX-XXX/local/inputs.conf, line 34: mongodb_uri (value: mongodb://Mongodbservername1.local:27017,Mongodbservername2.local:27017/abc_analytics?replicaSet=mongo-replica).\n
Labels (3)
0 Karma
Get Updates on the Splunk Community!

Platform Newsletter Highlights | March 2023

 March 2023 | Check out the latest and greatestIntroducing Splunk Edge Processor, simplified data ...

Enterprise Security Content Updates (ESCU) - New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 3 releases of new content via the Enterprise ...

Thought Leaders are Validating Your Hard Work and Training Rigor

As a Splunk enthusiast and member of the Splunk Community, you are one of thousands who recognize the value of ...