Prepare MongoDB connection configuration
In this milestone, you prepare the specific MongoDB connection details and security credentials. Proper MongoDB authentication and connection configuration ensures secure and reliable metrics collection.
Setting up dedicated monitoring credentials with minimal required permissions follows security best practices and prevents potential access issues.
Consider the following security guidelines:
- Use environment variables or secret management systems for production deployments
- Limit MongoDB user permissions to only what’s required for monitoring
- Enable SSL/TLS for MongoDB connections in production environments
- Regularly rotate monitoring user credentials
To prepare your MongoDB connection configuration, complete the following steps:
Connect to your MongoDB instance and create a user with read-only permissions.
The following script creates a dedicated MongoDB user for monitoring.
use admin db.createUser({ user: "grafana_monitoring", pwd: "secure_password_here", roles: [ { role: "read", db: "admin" }, { role: "clusterMonitor", db: "admin" }, { role: "read", db: "local" } ] })Open the Grafana Alloy configuration file and replace the placeholders with your specific values.
This defines the MongoDB connection URI.
mongodb_uri = "mongodb://grafana_monitoring:secure_password_here@mongodb.example.com:27017/admin"For MongoDB cloud deployments, include additional parameters:
mongodb_uri = "mongodb+srv://grafana_monitoring:secure_password_here@cluster.example.mongodb.net/admin?retryWrites=true"Configure the service and cluster labels by updating the label values in the Grafana Alloy configuration file.
rule { target_label = "service_name" replacement = "mongodb-production" } rule { target_label = "mongodb_cluster" replacement = "main-cluster" } rule { target_label = "instance" replacement = "mongodb-prod-01" }
In your next milestone, you’ll test the connection and verify metrics collection.
At this point in your journey, you can explore the following paths: