How to ingest MongoDB logs from new servers into s...

Getting Data In

Hi All,

We have a python code to ingest MongoDB logs into splunk and we are successfully ingesting logs from old servers.

Now there is a requirement to ingest mongodb logs into splunk from new servers.

mongodb://USER:PASS@SERVER1:27017,SERVER2:27017/abc_analytics?replicaSet=mongo-replica</description>

This is how logs are ingested, now when I try the same for new servers, I get "Invalid Key error"

NOTE:

1) Firewall connectivity is working fine
2) MongoDB team says the password is correct

The password that is used, is that given by splunk team or the mongodb team?

If it is MongoDB team, where they need to check the password and the user id?

internal logs:

02-17-2022 18:45:50.916 +1100 WARN Application - Invalid key in stanza [abc_analytics://XXX-XXX-XXX] in /opt/splunk/etc/deployment-apps/modinput_abc_analytics_mongodb-XXX-XXX-XXX/local/inputs.conf, line 34: mongodb_uri (value: mongodb://Mongodbservername1.local:27017,Mongodbservername2.local:27017/abc_analytics?replicaSet=mongo-replica).\n

Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...