OPTIONS

mongosniff

Synopsis

mongosniff provides a low-level operation tracing/sniffing view into database activity in real time. Think of mongosniff as a MongoDB-specific analogue of tcpdump for TCP/IP network traffic. Typically, mongosniff is most frequently used in driver development.

Note

mongosniff requires libpcap and is only available for Unix-like systems. Furthermore, the version distributed with the MongoDB binaries is dynamically linked against aversion 0.9 of libpcap. If your system has a different version of libpcap, you will need to compile mongosniff yourself or create a symbolic link pointing to libpcap.so.0.9 to your local version of libpcap. Use an operation that resembles the following:

ln -s /usr/lib/libpcap.so.1.1.1 /usr/lib/libpcap.so.0.9

Change the path’s and name of the shared library as needed.

As an alternative to mongosniff, Wireshark, a popular network sniffing tool is capable of inspecting and parsing the MongoDB wire protocol.

Options

mongosniff
mongosniff
--help

Returns information on the options and use of mongosniff.

--forward <host><:port>

Declares a host to forward all parsed requests that the mongosniff intercepts to another mongod instance and issue those operations on that database instance.

Specify the target host name and port in the <host><:port> format.

To connect to a replica set, specify the replica set seed name and the seed list of set members. Use the following format:

<replica_set_name>/<hostname1><:port>,<hostname2:<port>,...
--source <NET [interface]>

Specifies source material to inspect. Use --source NET [interface] to inspect traffic from a network interface (e.g. eth0 or lo.) Use --source FILE [filename] to read captured packets in pcap format.

You may use the --source DIAGLOG [filename] option to read the output files produced by the --diaglog option.

--objcheck

Displays invalid BSON objects only and nothing else. Use this option for troubleshooting driver development. This option has some performance impact on the performance of mongosniff.

<port>

Specifies alternate ports to sniff for traffic. By default, mongosniff watches for MongoDB traffic on port 27017. Append multiple port numbers to the end of mongosniff to monitor traffic on multiple ports.

Use

Use the following command to connect to a mongod or mongos running on port 27017 and 27018 on the localhost interface:

mongosniff --source NET lo 27017 27018

Use the following command to only log invalid BSON objects for the mongod or mongos running on the localhost interface and port 27018, for driver development and troubleshooting:

mongosniff --objcheck --source NET lo 27018

Build mongosniff

To build mongosniff yourself, Linux users can use the following procedure:

  1. Obtain prerequisites using your operating systems package management software. Dependencies include:

    • libpcap - to capture network packets.
    • git - to download the MongoDB source code.
    • scons and a C++ compiler - to build mongosniff.
  2. Download a copy of the MongoDB source code using git:

    git clone git://github.com/mongodb/mongo.git
    
  3. Issue the following sequence of commands to change to the mongo/ directory and build mongosniff:

    cd mongo
    scons mongosniff
    

Note

If you run scons mongosniff before installing libpcap you must run scons clean before you can build mongosniff.

←   mongotop mongoperf  →