All Apps and Add-ons

MongoDB Monitoring: I need help with installation of this add-on

fsrodriguez
New Member

I can't find that much information on how to install this add on.
https://github.com/jruaux/mongodb-monitoring

Splunk Server already has the app installed.
I download the .tgz file from https://splunkbase.splunk.com/app/2957/#/details and extracted it in /splunkforwarder/etc/apps but I notice there is not setup.sh script in the folder.

I know I have to configure data inputs for admin, collection stats and database stats. But how is this going to get recognized without installing the add on on the mongo instance?

Thanks in Advance

0 Karma

Azeemering
Builder

I'm not sure what you are trying to do on a forwarder?
You should not install it on the forwarder but in etc/apps directory.

MongoDB Admin
To receive administrative events from MongoDB hosts, enable a mongo_admin data input under Settings > Data Inputs > MongoDB Admin

MongoDB Collection Stats
To fetch collection statistics from MongoDB hosts, enable a mongo_collstats data input under Settings > Data Inputs > MongoDB Collection Stats

MongoDB Database Stats
To fetch database statistics from MongoDB hosts, enable a mongo_db data input under Settings > Data Inputs > MongoDB Database Stats

MongoDB Logs
There are 3 ways to get MongoDB logs into Splunk:

set up a file monitor on the Splunk Universal Forwarder to tail mongod.log on all MongoDB hosts
configure mongod to send logs to Splunk via syslog
configure the MongoDB Monitoring app to collect logs via the MongoDB Client API by adding a data input under Settings > Data Inputs > MongoDB Logs
The MongoDB Monitoring app applies field extractions to the mongod sourcetype. By default the dashboards expect MongoDB logs to reside in the mongodb index with sourcetype mongod. You can change this by modifying the mongo_index and mongo_sourcetype macros under Settings > Advanced search > Search macros.

0 Karma

fsrodriguez
New Member

I have done all the steps mentioned above. I created a monitor for mongod.log When I go to the MongoDB Monitoring dashboard everything is empty. No data is being received form anywhere.

0 Karma

esoterican
New Member

I've also configured the data inputs and made sure that my cluster hosted in Atlas is accessible from my machine. However the Splunk docker images renders the dashboard empty.

Can someone please shed some light on this?

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...