README ¶
Mongodb protocol parsing for packetbeat
Main documentation link:
Understanding wire protocol vs command
At first it is difficult to understand how the legacy protocol fits with the concept of 'command' which is always repeated in the doc but not very well explained (or not where I looked).
This mail thread fortunately gave the answer: "GetLastError is a command and command are implemented using findOne, which generates an OP_QUERY message."
In the write operations as commands mode which seems to be the current mode, the response is therefore a 'OP_REPLY' message and there will always be one to close the transaction.
In the case of write operations as separate message types, we should parse the following 'getLastError' command and consider it as part of the same transaction, the response to this command actually being the response to the original write operation. Except that the getLastError command is optional, the client will not send it if it was requested with a write concern of 0. This mode is only supported by clients dans database as a legacy mode, it will be supported by this parser only very basically.
TODO
- Support option to send documents in response (Send_Response ?)
- Support option to send update and insert documents in request (Send_Request ?)
- Support option to ignore non user commands
- Fill bytes_in and bytes_out
Documentation ¶
Index ¶
- Variables
- type Mongodb
- func (mongodb *Mongodb) ConnectionTimeout() time.Duration
- func (mongodb *Mongodb) GapInStream(tcptuple *common.TcpTuple, dir uint8, nbytes int, private protos.ProtocolData) (priv protos.ProtocolData, drop bool)
- func (mongodb *Mongodb) GetPorts() []int
- func (mongodb *Mongodb) Init(test_mode bool, results publish.Transactions) error
- func (mongodb *Mongodb) InitDefaults()
- func (mongodb *Mongodb) Parse(pkt *protos.Packet, tcptuple *common.TcpTuple, dir uint8, ...) protos.ProtocolData
- func (mongodb *Mongodb) ReceivedFin(tcptuple *common.TcpTuple, dir uint8, private protos.ProtocolData) protos.ProtocolData
Constants ¶
This section is empty.
Variables ¶
var DatabaseCommands = []string{}/* 141 elements not displayed */
List of mongodb user commands (send throuwh a query of the legacy protocol) see http://docs.mongodb.org/manual/reference/command/
This list was obtained by calling db.listCommands() and some grepping. They are compared cased insensitive
Functions ¶
This section is empty.
Types ¶
type Mongodb ¶
type Mongodb struct { // config Ports []int SendRequest bool SendResponse bool MaxDocs int MaxDocLength int // contains filtered or unexported fields }
func (*Mongodb) ConnectionTimeout ¶
func (*Mongodb) GapInStream ¶
func (mongodb *Mongodb) GapInStream(tcptuple *common.TcpTuple, dir uint8, nbytes int, private protos.ProtocolData) (priv protos.ProtocolData, drop bool)
func (*Mongodb) Init ¶
func (mongodb *Mongodb) Init(test_mode bool, results publish.Transactions) error
func (*Mongodb) InitDefaults ¶
func (mongodb *Mongodb) InitDefaults()
func (*Mongodb) Parse ¶
func (mongodb *Mongodb) Parse( pkt *protos.Packet, tcptuple *common.TcpTuple, dir uint8, private protos.ProtocolData, ) protos.ProtocolData
func (*Mongodb) ReceivedFin ¶
func (mongodb *Mongodb) ReceivedFin(tcptuple *common.TcpTuple, dir uint8, private protos.ProtocolData) protos.ProtocolData