Atatus Database Monitoring provides deep visibility into your MongoDB Atlas clusters by collecting key metrics, slow queries, operation samples, explain plans, and replication health data.
This guide walks you through enabling monitoring for MongoDB Atlas and configuring secure access for the Atatus Infra Agent.
Before You Begin
| Component | Supported Versions |
|---|---|
| MongoDB | 4.4, 5.0, 6.0, 7.0, 8.0 |
| MongoDB Atlas Cluster Tiers | M10 and higher |
| Atatus Infra Agent | 4.1.0 or higher |
Note: MongoDB Atlas Serverless and shared clusters (M0, M2, M5) are not supported.
Grant Access to Your MongoDB Atlas Cluster
The Atatus Infra Agent requires read-only permissions to collect operational statistics and query metrics from MongoDB Atlas.
Step 1: Create a Custom Monitoring Role
- Log in to the MongoDB Atlas UI.
- Navigate to Database Access → Custom Roles.
- Click Add New Custom Role.
- Enter a role name (example:
atatus-monitor). - Add the following privileges:
readon theadmindatabasereadon thelocaldatabasereadon theconfigdatabase (for sharded clusters only)clusterMonitoron theadmindatabasereadon specific application databases or usereadAnyDatabaseto monitor all databases
6. Save the custom role.
Step 2: Create a Monitoring User
- In the MongoDB Atlas UI, go to Database Access → Database Users.
- Click Add New Database User.
- Choose Password Authentication.
- Enter a username and strong password.
- Under Database User Privileges, assign the custom role created earlier.
- Click Add User.
- Save the username and password. You will use them when configuring the Atatus Agent.
Install and Configure the Atatus Agent
The Atatus Infra Agent must run on a host that can network-connect to your MongoDB Atlas cluster.
Resolve Individual MongoDB Host and Port
MongoDB Atlas applications usually connect using an SRV connection string. However, the Atatus Agent must connect directly to individual MongoDB hosts to avoid inaccurate metrics during failover or load balancing.
Use DNS tools to resolve the SRV record and extract hostnames.
Resolve Replica Set Nodes
For an SRV connection string like mongodb+srv://cluster.example.mongodb.net/, use the following commands:
Linux:
dig +short SRV _mongodb._tcp.cluster.example.mongodb.netExample output:
0 0 27017 node-00.mongodb.net.
0 0 27017 node-01.mongodb.net.
0 0 27017 node-02.mongodb.net.Windows:
nslookup -type=SRV _mongodb._tcp.cluster.example.mongodb.netExample output:
_mongodb._tcp.XXXXX.XXX.mongodb.net service = 0 0 27017 XXXXX-00-00.4zh9o.mongodb.net.
_mongodb._tcp.XXXXX.XXX.mongodb.net service = 0 0 27017 XXXXX-00-01.4zh9o.mongodb.net.
_mongodb._tcp.XXXXX.XXX.mongodb.net service = 0 0 27017 XXXXX-00-02.4zh9o.mongodb.net.Use these resolved values as host and port combinations:
node-00.mongodb.net:27017
node-01.mongodb.net:27017
node-02.mongodb.net:27017Configure the Agent using one of these host and port combinations.
Create the configuration file
For a MongoDB replica set, the Atatus Agent must connect to all replica members (primary, secondary, and arbiter if present). Update the configuration file by adding the following configuration to /etc/atatus-infra-agent/conf.d/mongodb.d/mongodb.yml:
metrics:
- hosts:
- <HOST_REPLICA_1>:<PORT> # Primary node
username: atatus
password: <REPLACE_PASSWORD>
connection_scheme: "mongodb"
db_name: "admin"
options:
connectTimeoutMS: 3000
serverSelectionTimeoutMS: 2000
dbm: true
cluster_name: <CLUSTER_NAME>
- hosts:
- <HOST_REPLICA_2>:<PORT> # Secondary node
username: atatus
password: <REPLACE_PASSWORD>
connection_scheme: "mongodb"
db_name: "admin"
options:
connectTimeoutMS: 3000
serverSelectionTimeoutMS: 2000
dbm: true
cluster_name: <CLUSTER_NAME>Restart the Atatus Infra Agent to apply the changes:
sudo service atatus-infra-agent restart
+1-415-800-4104