- this repository contains a collection of Icinga / Nagios plugins to monitor a MongoDB database
- tested with MongoDB 4.2, 4.4 and 5.0
- Written for python3
- Minimal dependencies (only required non-default library is
toml)
- Make sure python 3.x is installed on the machine
- Install
tomllibrarypip3 install toml
- For security reasons these plugins do not accept the connections parameters for the database as arguments
- Instead the plugins reads the parametes from a hidden toml-formatted configuration file
-
Default:
/etc/nagios/.mdbservice, use--credentialfile=/path/to/your/filefor a non-default location -
Ideally change the file owner and permissions of
.mdbserviceso that only the user executing the plugins can read the config file[localhost] hostname="localhost" port=27017 user="yourdbuser" pw="secretpassword" authdb="admin" tls=true tlscafile="/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"
-
[instancename]: you can configure multiple connections within one.mdbservice-file. This config section name corresponds with the--instance-argument of the pluginhostname: optional, defaults tolocalhostport: optional, defaults to27017user: optionalpw: optionalauthdb: optional, defaults toadmintls:true/false, defaults totruetlscafile: Path to cacerts file for TLS certificate validationtls_allow_invalid_hostnames:true/false, connect to MongoDB via TLS even if the CommonName/SubjectAlternativeName of the Cert does not match our Servername. Defaults tofalsetls_allow_invalid_certificates:true/false, connect to MongoDB via TLS even if the TLS-Certificate is invalid (i.e. expired). Defaults tofalse
-
Open a MongoDB DB shell, create a dedicated monitoring user and assign the
clusterMonitorroleuse admin db.createUser( { user: "monitoring", pwd: passwordPrompt(), roles: [ { role: "clusterMonitor", db: "admin" } ] } )