Ops Tools
4 results found
-
Ability to to turn on audit log compression/deletion
Ops Manager currently allows the ability to rotate audit logs based on the threshold settings in the Update MongoDB Log Settings modal but audit.logs do not compress/delete as the mongodb.logs do from the same modal. We would like the ability to either toggle compression/deletion of audit.log in that modal or a separate modal. We think a separate modal would be better since audit.logs may be used for security forensics and require a longer retention period.
28 votesWe are pleased to announce that Cloud Manager and Ops Manger (5.0.8) now have the ability to set up a different configuration for rotation of MongoDB Log and MongoDB Audit Log Files. This does depend on a feature available in MongoDB Enterprise Server 5.0 and up.
Documentation:
OM: https://docs.opsmanager.mongodb.com/current/tutorial/view-logs/index.html#configure-log-rotation
CM: https://docs.cloudmanager.mongodb.com/tutorial/view-logs/#configure-log-rotation
-
MongoDB Agent (Automation Module): don't attempt to auth with `__system` (SCRAM) user when `security.clusterAuthMode` is set to `x509`
Problem Statement,
What is the problem? MongoDB Agent (Automation Module) attempts to auth with__system
(SCRAM) user whensecurity.clusterAuthMode
is set tox509
.Why is this a problem? MongoDB Server process logs are flooded by unnecessary noise from such MongoDB Agent (Automation Module) failed auth attempts.
Example,
{"t":{"$date":"2021-05-10T11:08:02.115+0000"},"s":"I", "c":"ACCESS", "id":20249, "ctx":"conn115","msg":"Authentication failed","attr":{"mechanism":"SCRAM-SHA-1","principalName":"__system","authenticationDatabase":"local","client":"10.10.10.10:46765","result":"AuthenticationFailed: ###"}}Proposal,
* Don't attempt to auth with__system
(SCRAM) user whensecurity.clusterAuthMode
is set tox509
in MongoDB Server6 votesThis has been corrected in OM versions 5.0.5 and 4.4.19. Thank you!
-
Use the TLS options instead of the SSL options in Automation Config of MongoDB v4.2
As the SSL Options are deprecated since MongoDB v4.2 but Ops Manager Automation still utilizes
SSL
options in the automation configuration for MongoDB v4.2. It will be best that Ops Manager v4.2+ will utilize TLS options in the Automation Config of their managed MongoDB v4.2 deployments.4 votesFully converted to TLS in OM 4.4.
-
Prevent users from importing a replica set or shard with the same name as other pre-existing replica sets/shards
When a user imports a cluster into a project with the same name, it causes issues like breaking backups of pre-existing clusters.
Checking the replica set name against the names of other replica set names will prevent having to terminate backups and remove and re-import clusters, starting over.
2 votes
- Don't see your idea?