分类:
2012-08-14 23:49:56
此工具可以从底层监控到底有哪些命令发送给了MongoDB去执行,从中就可以进行分析:
以root身份执行:
./mongosniff --source NET lo |
然后其会监控位到本地以localhost监听默认27017端口的MongoDB的所有包请求,如执行”show dbs” 操作
[root@localhost bin]# ./mongo MongoDB shell version: 1.8.1 connecting to: test > show dbs admin 0.0625GB foo 0.0625GB local (empty) test 0.0625GB > |
那么你可以看到如下输出。
[root@localhost bin]# ./mongosniff --source NET lo sniffing... 27017 127.0.0.1:38500 -->> 127.0.0.1:27017 admin.$cmd 60 bytes id:537ebe0f 1400815119 query: { whatsmyuri: 1 } ntoreturn: 1 ntoskip: 0 127.0.0.1:27017 <<-- 127.0.0.1:38500 78 bytes id:531c3855 1394358357 - 1400815119 reply n:1 cursorId: 0 { you: "127.0.0.1:38500", ok: 1.0 } 127.0.0.1:38500 -->> 127.0.0.1:27017 admin.$cmd 80 bytes id:537ebe10 1400815120 query: { replSetGetStatus: 1, forShell: 1 } ntoreturn: 1 ntoskip: 0 127.0.0.1:27017 <<-- 127.0.0.1:38500 92 bytes id:531c3856 1394358358 - 1400815120 reply n:1 cursorId: 0 { errmsg: "not running with --replSet", ok: 0.0 } 127.0.0.1:38500 -->> 127.0.0.1:27017 admin.$cmd 67 bytes id:537ebe11 1400815121 query: { listDatabases: 1.0 } ntoreturn: -1 ntoskip: 0 127.0.0.1:27017 <<-- 127.0.0.1:38500 293 bytes id:531c3857 1394358359 - 1400815121 reply n:1 cursorId: 0 { databases: [ { name: "foo", sizeOnDisk: 67108864.0, empty: false }, { name: "test", sizeOnDisk: 67108864.0, empty: false }, { name: "admin", sizeOnDisk: 67108864.0, empty: false }, { name: "local", sizeOnDisk: 1.0, empty: true } ], totalSize: 201326592.0, ok: 1.0 } 127.0.0.1:38500 -->> 127.0.0.1:27017 admin.$cmd 80 bytes id:537ebe12 1400815122 query: { replSetGetStatus: 1, forShell: 1 } ntoreturn: 1 ntoskip: 0 127.0.0.1:27017 <<-- 127.0.0.1:38500 92 bytes id:531c3858 1394358360 - 1400815122 reply n:1 cursorId: 0 { errmsg: "not running with --replSet", ok: 0.0 } |
如果将这些输出到一个日志文件中,那么就可以保留下所有数据库操作的历史记录,对于后期的性能分析和安全审计等工作将是一个巨大的贡献。