How to ingest MongoDB logs from new servers into s...

Getting Data In

Hi All,

We have a python code to ingest MongoDB logs into splunk and we are successfully ingesting logs from old servers.

Now there is a requirement to ingest mongodb logs into splunk from new servers.

mongodb://USER:PASS@SERVER1:27017,SERVER2:27017/abc_analytics?replicaSet=mongo-replica</description>

This is how logs are ingested, now when I try the same for new servers, I get "Invalid Key error"

NOTE:

1) Firewall connectivity is working fine
2) MongoDB team says the password is correct

The password that is used, is that given by splunk team or the mongodb team?

If it is MongoDB team, where they need to check the password and the user id?

internal logs:

02-17-2022 18:45:50.916 +1100 WARN Application - Invalid key in stanza [abc_analytics://XXX-XXX-XXX] in /opt/splunk/etc/deployment-apps/modinput_abc_analytics_mongodb-XXX-XXX-XXX/local/inputs.conf, line 34: mongodb_uri (value: mongodb://Mongodbservername1.local:27017,Mongodbservername2.local:27017/abc_analytics?replicaSet=mongo-replica).\n

Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...

Introduction to Splunk AI

How are you using AI in Splunk? Whether you see AI as a threat or opportunity, AI is here to stay. Lucky for ...