MongoDB Monitoring Tool Mongosniff

MongoDB Monitoring Tool Mongosniff

Introduced

Mongosniff provides a low-level operational tracking and sniffing map of real-time database activity. Mongosniff can be thought of as custom-designed for MongoDB, similar to tcpdump for TCP/IP network traffic analysis. Mongosniff is often used to drive development.

Note: Mongosniff requires Libpcap and is available only for Unix-like systems.

In contrast to Mongosniff,wireshark, a popular network sniffer tool can be used to detect and parse MongoDB line protocols.

Usage

The following command connects to Mongod or MONGOs running on 27017 and 27018 of localhost:

Mongosniff--source NET Lo 27017 27018

The following command records only invalid Bson objects that run Mongod or mongos on 27018 on localhost, and is used to drive development and issue tracking:

Mongosniff--objcheck--source NET Lo 27018

Practice

[Email protected] ~]# Mongosniff--help mongosniff:error while loading shared libraries:libpcap.so.0.9:cannot open Shared object File:no such file or directory

[email protected] ~]# which Mongosniff/usr/bin/mongosniff

[[email protected] ~]# ldd /usr/bin/mongosniff            linux-vdso.so.1 =>   (0x00007fffe2d7a000)              libpthread.so.0 => /lib64/libpthread.so.0  ( 0x0000003558e00000)             librt.so.1 = > /lib64/librt.so.1  (0x0000003559200000)              libpcap.so.0.9 => not found             libstdc++.so.6 => /usr/lib64/libstdc++.so.6  ( 0x0000003559e00000)             libm.so.6 = > /lib64/libm.so.6  (0x0000003559600000)              libgcc_s.so.1 => /lib64/libgcc_s.so.1  (0x000000355a600000)              libc.so.6 => /lib64/libc.so.6  (0x0000003558a00000)              /lib64/ld-linux-x86-64.so.2  (0x0000003558200000)

It can be seen that libpcap.so.0.9 = not found is not found.

[Email protected] ~]# cd/usr/lib64 [[email protected] lib64]# Ls-al |  grep libpcap lrwxrwxrwx. 1 root root 17:28 libpcap.so.1-libpcap.so.1.4.0-rwxr-xr-x 1 root root 260880 Nov LIBP cap.so.1.4.0

Add a soft connection.

[Email protected] lib64]# ln-s/usr/lib64/libpcap.so.1.4.0/usr/lib64/libpcap.so.0.9

Review the help again.

[[email protected] lib64]# mongosniff --help   usage: mongosniff  [--help] [--forward host:port] [--source  (net <interface> |  (FILE  | diaglog)  <filename>)] [<port0> <port1> ... ]     --forward       forward all parsed request  messages to mongod instance at                      specified host:port     --source        Source of traffic to  sniff, either a network interface or a                     file containing  Previously captured packets in pcap format,                     or a file containing output  From mongod ' s --diaglog option.                     if no source is specified,  mongosniff will attempt to sniff                     from one of the  Machine ' s network interfaces.    --objcheck       log hex representation of invalid bson objects and nothing                      Else.  spurious messages about invalid objects may result                     when there are  dropped tcp packets.    <port0>...       these parameters are used to filter sniffing.  by default,                       only port 27017 is sniffed.    --help           print this help message.

Grab Bag:

[Email protected] lib64]#/usr/bin/mongosniff--source NET bond0 >/var/log/currentop/sniff.log

Here are some of the things in Sniff.log:

10.10.0.1:55553-->> 10.10.0.2:27017 mytest.pro 1042 bytes id:41d99 269721 query: {$query: {ID:  {$in: [380, 383]}, Availability.status: {$lt: 5}, $or: [{id: {$lt: 331}}, {id: {$gt: $, $lt:]}, {ID: {$gt: $lt: 800}} ]}, $orderby: {availability.status:1}} ntoreturn:0 ntoskip:0 hasfields slaveok

This article is from the SQL Server deep dives blog, so be sure to keep this source http://ultrasql.blog.51cto.com/9591438/1653568

MongoDB Monitoring Tool Mongosniff