Monitor MongoDB Using Kerberos Authentication

You can set up Kerberos authentication for MongoDB only by using the Custom Connection String option when you configure MongoDB collectors.

Before configuring, ensure you have the Java Authentication and Authorization Service (JAAS) configuration file.

Sample JAAS file

com.sun.security.jgss.initiate {
        com.sun.security.auth.module.Krb5LoginModule required
        principal="admin-username/ip-192.0.2.0.us-west-2.compute.internal@US-WEST-2.COMPUTE.INTERNAL"
        doNotPrompt=true
        useTicketCache=true
        debug=true;
};

Perform the following steps:

  1. Start the Database Agent using the following string in the launch command:

    -Djava.security.auth.login.config=<JAAS-config-filename> 
  2. On the Controller UI, navigate to Databases, add a new collector, or modify an existing MongoDB collector.
  3. Under CONNECTION DETAILS, select Custom Connection String, and specify the connection URL:
    mongodb://[URL_ENCODED_PRINCIPAL_NAME@]host1[:port1][,...hostN[:portN]][[?options]]&authMechanism=GSSAPI&authSource=$external
    or,
    mongodb+srv://[URL_ENCODED_PRINCIPAL_NAME@]host1[:port1][,...hostN[:portN]][[?options]]&authMechanism=GSSAPI&authSource=$external


    Sample Connection URL

    mongodb://admin%2Fip-192.0.2.0.us-west-2.compute.internal%40US-WEST-2.COMPUTE.INTERNAL@mongodb.testserver.1com:27017,mongodb.testserver.2com:27017/?directConnection=true&authMechanism=GSSAPI&authSource=$external

    The principal name in the connection string must be URL encoded. For example, if your principal name is:
    admin/ip-192.0.2.0.us-west-2.compute.internal@US-WEST-2.COMPUTE.INTERNAL@

    Then, the URL encoded principal looks like this:
    admin%2Fip-192.0.2.0.us-west-2.compute.internal%40US-WEST-2.COMPUTE.INTERNAL@

    The following table describes the URL components of the sample connection URL:
    URL Components | Description
    -------------- | -----------
    mongodb://admin%2Fip-192.0.2.0.us-west-2.compute.internal%40US-WEST-2.COMPUTE.INTERNAL@ | URL encoded principal name. You can use the URL Encoder to encode your URL.
    mongodb.testserver.1com:27017,mongodb.testserver.2com:27017/?directConnection=true | Host address (comma separated)
    &authMechanism=GSSAPI&authSource=$external | Mandatory flags to configure Kerberos authentication
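
The encoding and mandatory-flag rules from step 3, as an added example that is not part of the original documentation or the product. It builds the custom connection string from an unencoded principal and checks an existing string before it is pasted into the collector. The function names `build_kerberos_uri` and `check_kerberos_uri` are hypothetical, and the principal is passed without the trailing `@` separator.

```python
from urllib.parse import quote, parse_qs

# Flags the page lists as mandatory for Kerberos authentication.
REQUIRED = {"authMechanism": "GSSAPI", "authSource": "$external"}


def build_kerberos_uri(principal, hosts, options=None, srv=False):
    """Build a GSSAPI connection string from an unencoded Kerberos principal."""
    scheme = "mongodb+srv" if srv else "mongodb"
    # safe="" turns "/" into %2F and "@" into %40, so the only literal "@"
    # left in the URI is the separator between principal and host list.
    user = quote(principal, safe="")
    params = dict(options or {})
    params.update(REQUIRED)  # the mandatory flags override caller options
    # Assumption: option values are simple tokens that need no encoding.
    query = "&".join(f"{k}={v}" for k, v in params.items())
    return f"{scheme}://{user}@{','.join(hosts)}/?{query}"


def check_kerberos_uri(uri):
    """Return a list of problems in a connection string (empty list = OK)."""
    scheme, sep, rest = uri.partition("://")
    if not sep or scheme not in ("mongodb", "mongodb+srv"):
        return ["scheme must be mongodb:// or mongodb+srv://"]
    problems = []
    body, _, query = rest.partition("?")
    # Everything before the last "@" is the principal; a raw "/" or "@"
    # there means it was pasted without URL encoding.
    userinfo, at, _hosts = body.rpartition("@")
    if at and ("/" in userinfo or "@" in userinfo):
        problems.append("principal is not URL encoded")
    opts = parse_qs(query)
    for key, want in REQUIRED.items():
        if opts.get(key) != [want]:
            problems.append(f"{key} must be {want}")
    return problems


if __name__ == "__main__":
    # Values taken from the sample connection URL on this page.
    uri = build_kerberos_uri(
        "admin/ip-192.0.2.0.us-west-2.compute.internal@US-WEST-2.COMPUTE.INTERNAL",
        ["mongodb.testserver.1com:27017", "mongodb.testserver.2com:27017"],
        {"directConnection": "true"},
    )
    print(uri)
    print(check_kerberos_uri(uri))  # no problems reported
```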