Navigation
This version of the documentation is archived and no longer supported.

mongostat

Mac OSX Sierra and Go 1.6 Incompatibility

Users running on Mac OSX Sierra require the 3.2.10 or newer version of mongostat.

Synopsis

The mongostat utility provides a quick overview of the status of a currently running mongod or mongos instance. mongostat is functionally similar to the UNIX/Linux file system utility vmstat, but provides data regarding mongod and mongos instances.

See also

For more information about monitoring MongoDB, see Monitoring for MongoDB.

For more background on other MongoDB status outputs see:

For an additional utility that provides MongoDB metrics see mongotop.

Required Access

In order to connect to a mongod that enforces authorization with the --auth option, specify the --username and --password options, and the connecting user must have the serverStatus privilege action on the cluster resources.

The built-in role clusterMonitor provides this privilege as well as other privileges. To create a role with just the privilege to run mongostat, see Create a Role to Run mongostat.

Options

mongostat
--help

Returns information on the options and use of mongostat.

--verbose, -v

Increases the amount of internal reporting returned on standard output or in log files. Increase the verbosity with the -v form by including the option multiple times, (e.g. -vvvvv.)

--version

Returns the mongostat release number.

--host <hostname><:port>, -h <hostname><:port>

Default: localhost:27017

Specifies a resolvable hostname for the mongod to which to connect. By default, the mongostat attempts to connect to a MongoDB instance running on the localhost on port number 27017.

To connect to a replica set, you can specify the set member or members to report on, as in the following (see also the --discover flag):

--host <hostname1><:port>,<hostname2><:port>,<...>

Changed in version 3.0.0: If you use IPv6 and use the <address>:<port> format, you must enclose the portion of an address and port combination in brackets (e.g. [<address>]).

--port <port>

Default: 27017

Specifies the TCP port on which the MongoDB instance listens for client connections.

--ipv6

Removed in version 3.0.

Enables IPv6 support and allows mongostat to connect to the MongoDB instance using an IPv6 network. Prior to MongoDB 3.0, you had to specify --ipv6 to use IPv6. In MongoDB 3.0 and later, IPv6 is always enabled.

--ssl

New in version 2.6.

Enables connection to a mongod or mongos that has TLS/SSL support enabled.

For more information about TLS/SSL and MongoDB, see Configure mongod and mongos for TLS/SSL and TLS/SSL Configuration for Clients .

--sslCAFile <filename>

New in version 2.6.

Specifies the .pem file that contains the root certificate chain from the Certificate Authority. Specify the file name of the .pem file using relative or absolute paths.

Warning

For TLS/SSL connections (--ssl) to mongod and mongos, if the mongostat runs without the --sslCAFile, mongostat will not attempt to validate the server certificates. This creates a vulnerability to expired mongod and mongos certificates as well as to foreign processes posing as valid mongod or mongos instances. Ensure that you always specify the CA file to validate the server certificates in cases where intrusion is a possibility.

For more information about TLS/SSL and MongoDB, see Configure mongod and mongos for TLS/SSL and TLS/SSL Configuration for Clients .

--sslPEMKeyFile <filename>

New in version 2.6.

Specifies the .pem file that contains both the TLS/SSL certificate and key. Specify the file name of the .pem file using relative or absolute paths.

This option is required when using the --ssl option to connect to a mongod or mongos that has CAFile enabled without allowConnectionsWithoutCertificates.

For more information about TLS/SSL and MongoDB, see Configure mongod and mongos for TLS/SSL and TLS/SSL Configuration for Clients .

--sslPEMKeyPassword <value>

New in version 2.6.

Specifies the password to de-crypt the certificate-key file (i.e. --sslPEMKeyFile). Use the --sslPEMKeyPassword option only if the certificate-key file is encrypted. In all cases, the mongostat will redact the password from all logging and reporting output.

If the private key in the PEM file is encrypted and you do not specify the --sslPEMKeyPassword option, the mongostat will prompt for a passphrase. See TLS/SSL Certificate Passphrase.

For more information about TLS/SSL and MongoDB, see Configure mongod and mongos for TLS/SSL and TLS/SSL Configuration for Clients .

--sslCRLFile <filename>

New in version 2.6.

Specifies the .pem file that contains the Certificate Revocation List. Specify the file name of the .pem file using relative or absolute paths.

For more information about TLS/SSL and MongoDB, see Configure mongod and mongos for TLS/SSL and TLS/SSL Configuration for Clients .

--sslAllowInvalidCertificates

New in version 2.6.

Bypasses the validation checks for server certificates and allows the use of invalid certificates. When using the allowInvalidCertificates setting, MongoDB logs as a warning the use of the invalid certificate.

Starting in MongoDB 3.2.21, if you specify --sslAllowInvalidCertificates or ssl.allowInvalidCertificates: true when using x.509 authentication, an invalid certificate is only sufficient to establish a TLS/SSL connection but is insufficient for authentication.

Warning

For TLS/SSL connections to mongod and mongos, avoid using --sslAllowInvalidCertificates if possible and only use --sslAllowInvalidCertificates on systems where intrusion is not possible.

If the mongo shell (and other MongoDB Tools) runs with the --sslAllowInvalidCertificates option, the mongo shell (and other MongoDB Tools) will not attempt to validate the server certificates. This creates a vulnerability to expired mongod and mongos certificates as well as to foreign processes posing as valid mongod or mongos instances.

For more information about TLS/SSL and MongoDB, see Configure mongod and mongos for TLS/SSL and TLS/SSL Configuration for Clients .

--sslAllowInvalidHostnames

New in version 3.0.

Disables the validation of the hostnames in TLS/SSL certificates. Allows mongostat to connect to MongoDB instances even if the hostname in their certificates do not match the specified hostname.

For more information about TLS/SSL and MongoDB, see Configure mongod and mongos for TLS/SSL and TLS/SSL Configuration for Clients .

--sslFIPSMode

New in version 2.6.

Directs the mongostat to use the FIPS mode of the installed OpenSSL library. Your system must have a FIPS compliant OpenSSL library to use the --sslFIPSMode option.

Note

FIPS-compatible TLS/SSL is available only in MongoDB Enterprise. See Configure MongoDB for FIPS for more information.

--username <username>, -u <username>

Specifies a username with which to authenticate to a MongoDB database that uses authentication. Use in conjunction with the --password and --authenticationDatabase options.

--password <password>, -p <password>

Specifies a password with which to authenticate to a MongoDB database that uses authentication. Use in conjunction with the --username and --authenticationDatabase options.

Changed in version 3.0.0: If you do not specify an argument for --password, mongostat returns an error.

Changed in version 3.0.2: If you wish mongostat to prompt the user for the password, pass the --username option without --password or specify an empty string as the --password value, as in --password "" .

--authenticationDatabase <dbname>

Specifies the database in which the user is created. See Authentication Database.

--authenticationDatabase is required for mongod and mongos instances that use Authentication.

--authenticationMechanism <name>

Default: SCRAM-SHA-1

Changed in version 2.6: Added support for the PLAIN and MONGODB-X509 authentication mechanisms.

Changed in version 3.0: Added support for the SCRAM-SHA-1 authentication mechanism. Changed default mechanism to SCRAM-SHA-1.

Specifies the authentication mechanism the mongostat instance uses to authenticate to the mongod or mongos.

Value Description
SCRAM-SHA-1 RFC 5802 standard Salted Challenge Response Authentication Mechanism using the SHA1 hash function.
MONGODB-CR MongoDB challenge/response authentication.
MONGODB-X509 MongoDB TLS/SSL certificate authentication.
GSSAPI (Kerberos) External authentication using Kerberos. This mechanism is available only in MongoDB Enterprise.
PLAIN (LDAP SASL) External authentication using LDAP. You can also use PLAIN for authenticating in-database users. PLAIN transmits passwords in plain text. This mechanism is available only in MongoDB Enterprise.
--gssapiServiceName

New in version 2.6.

Specify the name of the service using GSSAPI/Kerberos. Only required if the service does not use the default name of mongodb.

This option is available only in MongoDB Enterprise.

--gssapiHostName

New in version 2.6.

Specify the hostname of a service using GSSAPI/Kerberos. Only required if the hostname of a machine does not match the hostname resolved by DNS.

This option is available only in MongoDB Enterprise.

--noheaders

Disables the output of column or field names.

--rowcount <number>, -n <number>

Controls the number of rows to output. Use in conjunction with the sleeptime argument to control the duration of a mongostat operation.

Unless --rowcount is specified, mongostat will return an infinite number of rows (e.g. value of 0.)

--http

Configures mongostat to collect data using the HTTP interface rather than a raw database connection.

Deprecated since version 3.2: HTTP interface for MongoDB

--discover

Discovers and reports on statistics from all members of a replica set or sharded cluster. When connected to any member of a replica set, --discover all non-hidden members of the replica set. When connected to a mongos, mongostat will return data from all shards in the cluster. If a replica set provides a shard in the sharded cluster, mongostat will report on non-hidden members of that replica set.

The mongostat --host option is not required but potentially useful in this case.

Changed in version 2.6: When running with --discover, mongostat now respects --rowcount.

--all

Configures mongostat to return all optional fields.

--json

New in version 3.0.0.

Returns output for mongostat in JSON format.

<sleeptime>

The final argument is the length of time, in seconds, that mongostat waits in between calls. By default mongostat returns one call every second.

mongostat returns values that reflect the operations over a 1 second period. For values of <sleeptime> greater than 1, mongostat averages data to reflect average operations per second.

Fields

mongostat returns values that reflect the operations over a 1 second period. When mongostat <sleeptime> has a value greater than 1, mongostat averages the statistics to reflect average operations per second.

mongostat outputs the following fields:

inserts

The number of objects inserted into the database per second. If followed by an asterisk (e.g. *), the datum refers to a replicated operation.

query

The number of query operations per second.

update

The number of update operations per second.

delete

The number of delete operations per second.

getmore

The number of get more (i.e. cursor batch) operations per second.

command

The number of commands per second. On slave and secondary systems, mongostat presents two values separated by a pipe character (e.g. |), in the form of local|replicated commands.

flushes

Changed in version 3.0.

For the WiredTiger Storage Engine, flushes refers to the number of WiredTiger checkpoints triggered between each polling interval.

For the MMAPv1 Storage Engine, flushes represents the number of fsync operations per second.

dirty

New in version 3.0.

Only for WiredTiger Storage Engine. The percentage of the WiredTiger cache with dirty bytes, calculated by wiredTiger.cache.tracked dirty bytes in the cache / wiredTiger.cache.maximum bytes configured.

used

New in version 3.0.

Only for WiredTiger Storage Engine. The percentage of the WiredTiger cache that is in use, calculated by wiredTiger.cache.bytes currently in the cache / wiredTiger.cache.maximum bytes configured.

mapped

Changed in version 3.0.

Only for MMAPv1 Storage Engine. The total amount of data mapped in megabytes. This is the total data size at the time of the last mongostat call.

vsize

The amount of virtual memory in megabytes used by the process at the time of the last mongostat call.

non-mapped

Changed in version 3.0.

Only for MMAPv1 Storage Engine.

Optional. The total amount of virtual memory excluding all mapped memory at the time of the last mongostat call.

mongostat only returns this value when started with the --all option.

res

The amount of resident memory in megabytes used by the process at the time of the last mongostat call.

faults

Changed in version 3.0.

Only for MMAPv1 Storage Engine. The number of page faults per second.

Changed in version 2.1: Before version 2.1, this value was only provided for MongoDB instances running on Linux hosts.

lr

New in version 3.2.

Only for MMAPv1 Storage Engine. The percentage of read lock acquisitions that had to wait. mongostat displays lr|lw if a lock acquisition waited.

lw

New in version 3.2.

Only for MMAPv1 Storage Engine. The percentage of write lock acquisitions that had to wait. mongostat displays lr|lw if a lock acquisition waited.

lrt

New in version 3.2.

Only for MMAPv1 Storage Engine. The average acquire time, in microseconds, of read lock acquisitions that waited. mongostat displays lrt|lwt if a lock acquisition waited.

lwt

New in version 3.2.

Only for MMAPv1 Storage Engine. The average acquire time, in microseconds, of write lock acquisitions that waited. mongostat displays lrt|lwt if a lock acquisition waited.

locked

Changed in version 3.0: Only appears when mongostat runs against pre-3.0 versions of MongoDB instances.

The percent of time in a global write lock.

idx miss

Changed in version 3.0.

Only for MMAPv1 Storage Engine. The percent of index access attempts that required a page fault to load a btree node. This is a sampled value.

qr

The length of the queue of clients waiting to read data from the MongoDB instance.

qw

The length of the queue of clients waiting to write data from the MongoDB instance.

ar

The number of active clients performing read operations.

aw

The number of active clients performing write operations.

netIn

The amount of network traffic, in bytes, received by the MongoDB instance.

This includes traffic from mongostat itself.

netOut

The amount of network traffic, in bytes, sent by the MongoDB instance.

This includes traffic from mongostat itself.

conn

The total number of open connections.

set

The name, if applicable, of the replica set.

repl

The replication status of the member.

Value Replication Type
M master
SEC secondary
REC recovering
UNK unknown
SLV slave
RTR mongos process (“router”)
ARB arbiter

Use

In the first example, mongostat will return data every second for 20 seconds. mongostat collects data from the mongod instance running on the localhost interface on port 27017. All of the following invocations produce identical behavior:

mongostat --rowcount 20 1
mongostat --rowcount 20
mongostat -n 20 1
mongostat -n 20

In the next example, mongostat returns data every 5 minutes (or 300 seconds) for as long as the program runs. mongostat collects data from the mongod instance running on the localhost interface on port 27017. Both of the following invocations produce identical behavior.

mongostat --rowcount 0 300
mongostat -n 0 300
mongostat 300

In the following example, mongostat returns data every 5 minutes for an hour (12 times.) mongostat collects data from the mongod instance running on the localhost interface on port 27017. Both of the following invocations produce identical behavior.

mongostat --rowcount 12 300
mongostat -n 12 300

In many cases, using the --discover will help provide a more complete snapshot of the state of an entire group of machines. If a mongos process connected to a sharded cluster is running on port 27017 of the local machine, you can use the following form to return statistics from all members of the cluster:

mongostat --discover
←   mongoexport mongotop  →