{ "name": "MongoDB Version 2.6", "description": "For Logentries account subscribers, tested on MongoDB Version 2.6.7", "searches": [ { "name": "CommandType", "description": "Command vs Query", "query": "where(/\\[\\w+\\] (?P\\w+)/i databaseCommand=query OR databaseCommand=command) groupby(databaseCommand) calculate(COUNT)" }, { "name": "DatabaseCommand", "description": "Command or Query Executed", "query": "where(/command: (?P\\w+)/i AND command!=isMaster AND command!=whatsmyuri) groupby(command) calculate(COUNT)" }, { "name": "ResLen", "description": "Query Result Length in Bytes", "query": "where(reslen) calculate(AVERAGE:reslen)" }, { "name": "Module", "description": "Distribution of MongoDB modules", "query": "where(/\\[(?P\\w+)\\]/i) groupby(module) calculate(COUNT)" } ], "tags": [ { "type": "Alert", "name": "Server Restarted", "description": "Triggers when MongoDB server restarts", "labels": [ { "name": "Server Restarted", "color": "53ACFF" } ], "patterns": [ "SERVER RESTARTED" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Connection Accepted", "description": "Connection Accepted", "labels": [ { "name": "Connection Accepted", "color": "50FF20" } ], "patterns": [ "connection accepted" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "DR102", "description": "Too much data written uncommitted", "labels": [ { "name": "Journal flush exceeded 256MB", "color": "FFA582" } ], "patterns": [ "DR102" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Server Slow", "description": "Server Status was very slow", "labels": [ { "name": "Server Slow", "color": "FF521C" } ], "patterns": [ "serverStatus was very slow" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Write Operation Tag", "description": "Tags for insert, update and delete operations", "labels": [ { "name": "Write Operation", "color": "DE00FF" } ], "patterns": [ "command: insert", "command: update", "command: delete" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Aggregation Command Tag", "description": "Tags for aggregate, count, distinct, group and mapReduce", "labels": [ { "name": "Aggregation Command", "color": "4100FF" } ], "patterns": [ "command: aggregate", "command: count", "command: distinct", "command: group", "command: mapReduce" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Geospatial Command", "description": "Tags for geoNear, geoSearch and geoWalk", "labels": [ { "name": "Geospatial Command", "color": "FF6D00" } ], "patterns": [ "command: geoNear", "command: geoSearch", "command: geoWalk" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Query Operation", "description": "Tag for findAndModify", "labels": [ { "name": "Find Query", "color": "9A8DFF" } ], "patterns": [ "command: findAndModify" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Authentication Command", "description": "Tags for logout and authenticate", "labels": [ { "name": "Authentication Command", "color": "0005FC" } ], "patterns": [ "command: logout", "command: authenticate" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "User Management Command", "description": "Tags for createUser, updateUser, dropUser, dropAllUsersFromDatabase, grantRolesToUser and revokeRolesFromUser", "labels": [ { "name": "User Management Command", "color": "00FC8F" } ], "patterns": [ "command: createUser", "command: updateUser", "command: dropUser", "command: dropAllUsersFromDatabase", "command: grantRolesToUser", "command: revokeRolesFromUser" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] }, { "type": "Alert", "name": "Role Management Command", "description": "Tags for createRole, updateRole and dropRole", "labels": [ { "name": "Role Management Command", "color": "FC6C74" } ], "patterns": [ "command: createRole", "command: updateRole", "command: dropRole" ], "actions": [{ "type": "Alert", "min_matches_count": 1, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" }] } ], "widgets": [ { "name": "Command vs Query", "description": "Command and Query Separation", "search_name": "CommandType", "type": "PieChart" }, { "name": "Database Commands Executed", "description": "Database Command Executed", "search_name": "DatabaseCommand", "type": "BarChart" }, { "name": "Average Query Result Length in Bytes", "description": "Average Query Result Length in Bytes", "search_name": "ResLen", "type": "TimelineLineChart", "show_tooltip": true }, { "name": "Module", "description": "Distribution of MongoDB Modules", "search_name": "Module", "type": "BarChart" } ], "cards": [ { "name": "Command vs Query", "description": "Command and Query Separation", "queries": [{ "leql" : { "statement":"where(/\\[\\w+\\] (?P\\w+)/i databaseCommand=query OR databaseCommand=command) groupby(databaseCommand) calculate(COUNT)"}}], "visualization": "PIE" }, { "name": "Database Commands Executed", "description": "Database Command Executed", "queries": [{ "leql" : { "statement":"where(/command: (?P\\w+)/i AND command!=isMaster AND command!=whatsmyuri) groupby(command) calculate(COUNT)"}}], "visualization": "BAR" }, { "name": "Average Query Result Length in Bytes", "description": "Average Query Result Length in Bytes", "queries": [{ "leql" : { "statement":"where(reslen) calculate(AVERAGE:reslen)"}}], "visualization": "LINE" }, { "name": "Module", "description": "Distribution of MongoDB Modules", "queries": [{ "leql" : { "statement":"where(/\\[(?P\\w+)\\]/i) groupby(module) calculate(COUNT)"}}], "visualization": "BAR" } ] }