Permalink
Fetching contributors…
Cannot retrieve contributors at this time
55 lines (38 sloc) 1.53 KB
.. _wireshark-support-for-mongodb-protocol:
======================================
Wireshark Support for MongoDB Protocol
======================================
.. default-domain:: mongodb
.. contents:: On this page
:local:
:backlinks: none
:depth: 1
:class: singlecol
`Wireshark <http://www.wireshark.org/>`_, an advanced interactive network
traffic sniffer, has `full support <http://wiki.wireshark.org/Mongo>`_
for the MongoDB Wire protocol.
You can visually inspect MongoDB traffic, do complex filters on specific
values of MongoDB wire messages, and dig into individual documents both
sent and received.
MongoDB Port
------------
The :guilabel:`Mongo` protocol definition included in Wireshark assumes
that the traffic occurs on the default MongoDB TCP port ``27017``. To
verify or update the TCP port of the MongoDB server (or client), go to
:guilabel:`Preferences` -> :guilabel:`Protocols` -> :guilabel:`Mongo`.
To verify the port using the ``tshark`` command line interface instead
of the GUI, use the following:
.. code-block:: sh
tshark -G currentprefs | grep mongo
.. note::
If the port value preference does not match the port on which your
MongoDB runs, no mongo wire protocol data will be captured and all
filter expressions will have an empty result.
Example
-------
.. image:: /figures/wireshark-support-packet-list.png
:width: 760px
.. image:: /figures/wireshark-support-filter-expression-profile-default.png
:width: 760px
.. image:: /figures/wireshark-support-wire-protocol-details.png
:width: 760px