1MONGOTOP(1) mongodb-manual MONGOTOP(1)
2
6 mongotop - MongoDB Activity Monitor
7
9 mongotop provides a method to track the amount of time a MongoDB
10 instance spends reading and writing data. mongotop provides statistics
11 on a per-collection level. By default, mongotop returns values every
12 second.
13 IMPORTANT:
15 In order to connect to a mongod that enforces authorization with the
16 --auth option, the --username and --password options must be used,
17 and the user specified must have the serverStatus and top privi‐
18 leges.
19 The most appropriate built-in role that has these privileges is
21 clusterMonitor.
22 SEE ALSO:
24 For more information about monitoring MongoDB, see http://docs.mon‐
25 godb.org/manual/administration/monitoring.
26 For additional background on various other MongoDB status outputs
28 see:
29 · http://docs.mongodb.org/manual/reference/command/serverStatus
31 · http://docs.mongodb.org/manual/reference/command/replSetGetStatus
33 · http://docs.mongodb.org/manual/reference/command/dbStats
35 · http://docs.mongodb.org/manual/reference/command/collStats
37 For an additional utility that provides MongoDB metrics see mongo‐
39 stat.
40
42 mongotop
43 mongotop
45 --help Returns information on the options and use of mongotop.
47 --verbose, -v
49 Increases the amount of internal reporting returned on standard
50 output or in log files. Increase the verbosity with the -v form
51 by including the option multiple times, (e.g. -vvvvv.)
52 --quiet
54 Runs the mongotop in a quiet mode that attempts to limit the
55 amount of output.
56 This option suppresses:
58 · output from database commands
60 · replication activity
62 · connection accepted events
64 · connection closed events
66 --version
68 Returns the mongotop release number.
69 --host <hostname><:port>, -h <hostname><:port>
71 Default: localhost:27017
72 Specifies a resolvable hostname for the mongod to which to con‐
74 nect. By default, the mongotop attempts to connect to a MongoDB
75 instance running on the localhost on port number 27017.
76 To connect to a replica set, specify the replSetName and a seed
78 list of set members, as in the following:
79 <replSetName>/<hostname1><:port>,<hostname2><:port>,<...>
81 You can always connect directly to a single MongoDB instance by
83 specifying the host and port number directly.
84 Changed in version 3.0.0: If you use IPv6 and use the
86 <address>:<port> format, you must enclose the portion of an
87 address and port combination in brackets (e.g. [<address>]).
88 If connected to a replica set where the primary is not reach‐
91 able, mongotop returns an error message.
92 --port <port>
94 Default: 27017
95 Specifies the TCP port on which the MongoDB instance listens for
97 client connections.
98 --ipv6 Enables IPv6 support and allows the mongotop to connect to the
100 MongoDB instance using an IPv6 network. All MongoDB programs and
101 processes disable IPv6 support by default.
102 --ssl New in version 2.6.
104 Enables connection to a mongod or mongos that has SSL support
107 enabled.
108 The default distribution of MongoDB does not contain support for
110 SSL. For more information on MongoDB and SSL, see
111 http://docs.mongodb.org/manual/tutorial/configure-ssl.
112 --sslCAFile <filename>
114 New in version 2.6.
115 Specifies the .pem file that contains the root certificate chain
118 from the Certificate Authority. Specify the file name of the
119 .pem file using relative or absolute paths.
120 The default distribution of MongoDB does not contain support for
122 SSL. For more information on MongoDB and SSL, see
123 http://docs.mongodb.org/manual/tutorial/configure-ssl.
124 WARNING:
126 If the mongo shell or any other tool that connects to mongos
127 or mongod is run without --sslCAFile, it will not attempt to
128 validate server certificates. This results in vulnerability
129 to expired mongod and mongos certificates as well as to for‐
130 eign processes posing as valid mongod or mongos instances.
131 Ensure that you always specify the CA file against which
132 server certificates should be validated in cases where intru‐
133 sion is a possibility.
134 --sslPEMKeyFile <filename>
136 New in version 2.6.
137 Specifies the .pem file that contains both the SSL certificate
140 and key. Specify the file name of the .pem file using relative
141 or absolute paths.
142 This option is required when using the --ssl option to connect
144 to a mongod or mongos that has CAFile enabled without allowCon‐
145 nectionsWithoutCertificates.
146 The default distribution of MongoDB does not contain support for
148 SSL. For more information on MongoDB and SSL, see
149 http://docs.mongodb.org/manual/tutorial/configure-ssl.
150 --sslPEMKeyPassword <value>
152 New in version 2.6.
153 Specifies the password to de-crypt the certificate-key file
156 (i.e. --sslPEMKeyFile). Use the --sslPEMKeyPassword option only
157 if the certificate-key file is encrypted. In all cases, the mon‐
158 gotop will redact the password from all logging and reporting
159 output.
160 If the private key in the PEM file is encrypted and you do not
162 specify the --sslPEMKeyPassword option, the mongotop will prompt
163 for a passphrase. See ssl-certificate-password.
164 The default distribution of MongoDB does not contain support for
166 SSL. For more information on MongoDB and SSL, see
167 http://docs.mongodb.org/manual/tutorial/configure-ssl.
168 --sslCRLFile <filename>
170 New in version 2.6.
171 Specifies the .pem file that contains the Certificate Revocation
174 List. Specify the file name of the .pem file using relative or
175 absolute paths.
176 The default distribution of MongoDB does not contain support for
178 SSL. For more information on MongoDB and SSL, see
179 http://docs.mongodb.org/manual/tutorial/configure-ssl.
180 --sslAllowInvalidCertificates
182 New in version 2.6.
183 Bypasses the validation checks for server certificates and
186 allows the use of invalid certificates. When using the allowIn‐
187 validCertificates setting, MongoDB logs as a warning the use of
188 the invalid certificate.
189 The default distribution of MongoDB does not contain support for
191 SSL. For more information on MongoDB and SSL, see
192 http://docs.mongodb.org/manual/tutorial/configure-ssl.
193 --sslAllowInvalidHostnames
195 New in version 3.0.
196 Disables the validation of the hostnames in SSL certificates.
199 Allows mongotop to connect to MongoDB instances if the hostname
200 their certificates do not match the specified hostname.
201 --sslFIPSMode
203 New in version 2.6.
204 Directs the mongotop to use the FIPS mode of the installed
207 OpenSSL library. Your system must have a FIPS compliant OpenSSL
208 library to use the --sslFIPSMode option.
209 NOTE:
211 FIPS Compatible SSL is available only in MongoDB Enterprise.
212 See http://docs.mongodb.org/manual/tutorial/configure-fips
213 for more information.
214 --username <username>, -u <username>
216 Specifies a username with which to authenticate to a MongoDB
217 database that uses authentication. Use in conjunction with the
218 --password and --authenticationDatabase options.
219 --password <password>, -p <password>
221 Specifies a password with which to authenticate to a MongoDB
222 database that uses authentication. Use in conjunction with the
223 --username and --authenticationDatabase options.
224 If you do not specify an argument for --password, mongotop will
226 prompt interactively for a password on the console.
227 --authenticationDatabase <dbname>
229 New in version 2.4.
230 Specifies the database that holds the user's credentials.
233 Changed in version 3.0.0: --authenticationDatabase is required
235 for mongod and mongos instances that use authentication.
236 --authenticationMechanism <name>
239 Default: MONGODB-CR
240 New in version 2.4.
242 Changed in version 2.6: Added support for the PLAIN and MON‐
245 GODB-X509 authentication mechanisms.
246 Specifies the authentication mechanism the mongotop instance
249 uses to authenticate to the mongod or mongos.
250 ┌─────────────┬────────────────────────────┐
252 │Value │ Description │
253 ├─────────────┼────────────────────────────┤
254 │MONGODB-CR │ MongoDB challenge/response │
255 │ │ authentication. │
256 ├─────────────┼────────────────────────────┤
257 │MONGODB-X509 │ MongoDB SSL certificate │
258 │ │ authentication. │
259 └─────────────┴────────────────────────────┘
260 │PLAIN │ External authentication │
266 │ │ using LDAP. You can also │
267 │ │ use PLAIN for authenticat‐ │
268 │ │ ing in-database users. │
269 │ │ PLAIN transmits passwords │
270 │ │ in plain text. This mecha‐ │
271 │ │ nism is available only in │
272 │ │ MongoDB Enterprise. │
273 ├─────────────┼────────────────────────────┤
274 │GSSAPI │ External authentication │
275 │ │ using Kerberos. This mech‐ │
276 │ │ anism is available only in │
277 │ │ MongoDB Enterprise. │
278 └─────────────┴────────────────────────────┘
279 --gssapiServiceName
281 New in version 2.6.
282 Specify the name of the service using GSSAPI/Kerberos. Only
285 required if the service does not use the default name of mon‐
286 godb.
287 This option is available only in MongoDB Enterprise.
289 --gssapiHostName
291 New in version 2.6.
292 Specify the hostname of a service using GSSAPI/Kerberos. Only
295 required if the hostname of a machine does not match the host‐
296 name resolved by DNS.
297 This option is available only in MongoDB Enterprise.
299 --locks
301 Toggles the mode of mongotop to report on use of per-database
302 locks. These data are useful for measuring concurrent operations
303 and lock percentage.
304 --locks returns an error when called against a mongod instance
306 that does not report lock usage.
307 --rowcount int, -n int
309 Number of lines of data that mongotop should print. "0 for
310 indefinite"
311 --json New in version 3.0.0.
313 Returns output for mongotop in JSON format.
316 <sleeptime>
318 The final argument is the length of time, in seconds, that mon‐
319 gotop waits in between calls. By default mongotop returns data
320 every second.
321
323 mongotop returns time values specified in milliseconds (ms.)
324 mongotop only reports active namespaces or databases, depending on the
326 --locks option. If you don't see a database or collection, it has
327 received no recent activity. You can issue a simple operation in the
328 mongo shell to generate activity to affect the output of mongotop.
329 mongotop.ns
331 Contains the database namespace, which combines the database
332 name and collection.
333 Changed in version 2.2: If you use the mongotop --locks, the ns
335 field does not appear in the mongotop output.
336 mongotop.db
339 New in version 2.2.
340 Contains the name of the database. The database named . refers
343 to the global lock, rather than a specific database.
344 This field does not appear unless you have invoked mongotop with
346 the --locks option.
347 mongotop.total
349 Provides the total amount of time that this mongod spent operat‐
350 ing on this namespace.
351 mongotop.read
353 Provides the amount of time that this mongod spent performing
354 read operations on this namespace.
355 mongotop.write
357 Provides the amount of time that this mongod spent performing
358 write operations on this namespace.
359 mongotop.<timestamp>
361 Provides a time stamp for the returned data.
362
364 By default mongotop connects to the MongoDB instance running on the
365 localhost port 27017. However, mongotop can optionally connect to
366 remote mongod instances. See the mongotop options for more information.
367 To force mongotop to return less frequently specify a number, in sec‐
369 onds at the end of the command. In this example, mongotop will return
370 every 15 seconds.
371 mongotop 15
373 This command produces the following output:
375 ns total read write 2014-12-19T15:32:01-05:00
377 admin.system.roles 0ms 0ms 0ms
378 admin.system.version 0ms 0ms 0ms
379 local.me 0ms 0ms 0ms
380 local.oplog.rs 0ms 0ms 0ms
381 local.replset.minvalid 0ms 0ms 0ms
382 local.startup_log 0ms 0ms 0ms
383 local.system.indexes 0ms 0ms 0ms
384 local.system.namespaces 0ms 0ms 0ms
385 local.system.replset 0ms 0ms 0ms
386 ns total read write 2014-12-19T15:47:01-05:00
388 admin.system.roles 0ms 0ms 0ms
389 admin.system.version 0ms 0ms 0ms
390 local.me 0ms 0ms 0ms
391 local.oplog.rs 0ms 0ms 0ms
392 local.replset.minvalid 0ms 0ms 0ms
393 local.startup_log 0ms 0ms 0ms
394 local.system.indexes 0ms 0ms 0ms
395 local.system.namespaces 0ms 0ms 0ms
396 local.system.replset 0ms 0ms 0ms
397 The output varies depending on your MongoDB setup. For example,
399 local.system.indexes and local.system.namespaces only appear for mongod
400 instances using the MMAPv1 storage engine.
401 To return a mongotop report every 5 minutes, use the following command:
403 mongotop 300
405 To report the use of per-database locks, use --locks, which produces
407 the following output:
408 $ mongotop --locks
410 connected to: 127.0.0.1
411 db total read write 2012-08-13T16:33:34
413 local 0ms 0ms 0ms
414 admin 0ms 0ms 0ms
415 . 0ms 0ms 0ms
416 Changed in version 3.0.0: When called against a mongod that does not
418 report lock usage, --locks will return a Failed: Server does not sup‐
419 port reporting locking information error.
420
423 MongoDB Documentation Project
424
426 2011-2015
4273.0 January 30, 2015 MONGOTOP(1)