Telegraf: inputs.mongodb - error: unable to authenticate using mechanism "SCRAM-SHA-256"

I am using telegraf input plugin (inputs.mongodb), I am using syntax below for connection but having error. Please correct me if I am doing anything wrong or conform if it supports MongoDB version 6.x with SCRAM-SHA-256 support?

syntax -
servers = [“mongodb://user:password@host:port/?authMechanism=SCRAM-SHA-256”]
insecure_skip_verify = false
tls_ca = “/mongo/certs/hostname_ca.pem”
tls_cert = “/mongo/certs/certificate.pem”
tls_key = “/mongo/certs/server.key”

fieldpass = [“member_status”,“repl_state”,“repl_lag”,“repl_member_health”]

[telegraf] Error running agent: starting input inputs.mongodb: unable to ping MongoDB: connection() error occurred during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism “SCRAM-SHA-256”: (AuthenticationFailed) Authentication failed.


Authentication failed

This usually means that you are using the wrong credentials. that user does not exist, or there is a typo.

If you try this same URI outside of telegraf, but with mongodump --uri <HERE> do you get the same error?

Telegraf agent version - 1.26.2
MongoDB version 6.0.x

After changing the config like this now having this error:

servers = [“mongodb://username:password@hostname:port”]
insecure_skip_verify = true
col_stats_dbs = [“$external”]
fieldpass = [“member_status”,“repl_state”,“repl_lag”,“repl_member_health”]

[telegraf] Error running agent: starting input inputs.mongodb: unable to ping MongoDB: server selection error: context deadline exceeded, current topology: { Type: Unknown, Servers: [{ Addr: hostname:port, Type: Unknown, Last error: connection(hostname:port[-22]) socket was unexpectedly closed: EOF }, ] }

Did you try via the mongodump cli tool as well?

It would be good to get a working DSN using that before trying to use telegraf. This most likely is due not an wrong DSN given your server’s config or some other set up config.

Hello @jpowers - Thaks for your suggestions - it start connecting now,

can you please help me how can I pass the variables in these 3 configs section ?

Not sure I am following. Those options look right.

If you want some additional help I would:

  1. Provide your full config
  2. Provide the log message you are currently getting.


Can I use command like this? I need to pass these above values as dynamic as I am working on to create a template which will get apply on all the MongoDB hosts.

I have these certs locally on each server (different of each server), so want to provide in dynamic or using variable. May be if you can suggest some other alternative to pass dynamic values in these config variables?

No, these options will not take wildcards. it needs a specific file to load.

You could however set an environment variable int he config, and set that environment variable to the dynamic file on each system. Or name each file the same :wink: