MongoDB Output Plugin Failed when used auth user


(Rahmat Agung W) #1

I have an logstash config like this:
input {
file {
type => "json"
path => "/home/elk/dionaea.json"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}

filter {
        json {
                source => "message"
        }
}

output {
        mongodb{
                collection => "attack"
                database => "dionaea"
                uri => "mongodb://admin:Maha%40siswa@10.33.109.17:27017/dionaea"
                codec => "json"
        }
        stdout {
            codec => rubydebug
        }
        }

But there is error when I started it.
[2018-09-29T17:27:20,961][WARN ][logstash.outputs.mongodb ] Failed to send event to MongoDB {:event=>#<LogStash::Event:0x5ee0398c>, :exception=>#<Mongo::Error::OperationFailure: not authorized on dionaea to execute command { insert: "attack", documents: [ { @timestamp: ""2018-09-29T17:26:40.573Z"", src_ip: "146.185.222.35", @version: "1", dst_port: 40628, path: "/home/elk/dionaea.json", src_hostname: "", connection: { type: "reject", transport: "tcp", protocol: "pcap" }, dst_ip: "192.168.100.79", type: "json", message: "{"dst_port": 40628, "src_hostname": "", "src_port": 58072, "timestamp": "2018-09-23T11:37:35.132585", "connection": {"type": "reject", "protocol": "pc...", host: "dataServer", timestamp: "2018-09-23T11:37:35.132585", src_port: 58072, _id: ObjectId('5bafb5f8860afa5f8b00000e') } ], writeConcern: { w: 1 }, ordered: true } (13)>, :backtrace=>["/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/mongo-2.0.6/lib/mongo/operation/result.rb:214:invalidate!'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/mongo-2.0.6/lib/mongo/operation/write/insert.rb:72:in execute_write_command'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/mongo-2.0.6/lib/mongo/operation/write/insert.rb:62:inexecute'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/mongo-2.0.6/lib/mongo/collection.rb:190:in insert_many'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/mongo-2.0.6/lib/mongo/collection.rb:175:ininsert_one'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-output-mongodb-3.1.4/lib/logstash/outputs/mongodb.rb:100:in receive'", "/usr/share/logstash/logstash-core/lib/logstash/outputs/base.rb:89:inblock in multi_receive'", "org/jruby/RubyArray.java:1734:in each'", "/usr/share/logstash/logstash-core/lib/logstash/outputs/base.rb:89:inmulti_receive'", "org/logstash/config/ir/compiler/OutputStrategyExt.java:114:in multi_receive'", "org/logstash/config/ir/compiler/AbstractOutputDelegatorExt.java:97:inmulti_receive'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:372:in block in output_batch'", "org/jruby/RubyHash.java:1343:ineach'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:371:in output_batch'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:323:inworker_loop'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:285:in block in start_workers'"]}
It only happened when I use authentication on my mongo user.


(system) #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.