Graylog mongo cluster , cant connect to mongo invalid char

1. Describe your incident:
This is my graylog conf

is_leader = true
node_id_file = /etc/graylog/server/node-id
password_secret = "secret"
root_password_sha2 = "secret"
bin_dir = /usr/share/graylog-server/bin
data_dir = /var/lib/graylog-server
plugin_dir = /usr/share/graylog-server/plugin
http_bind_address =
elasticsearch_hosts =,
allow_leading_wildcard_searches = false
allow_highlighting = true
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://,,
mongodb_max_connections = 1000

And this is my mongo conf.

  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log
  dbPath: /var/lib/mongo
    enabled: true
  timeZoneInfo: /usr/share/zoneinfo
  port: 27017
  bindIp:,  # Enter,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
  authorization: "enabled"
  keyFile: "/etc/mongodb-keyfile"
   replSetName: "graylog"

And this is what i did when i setup my mongo first time. Running mongosh

use admin
    user: "graylog-admin",
    pwd: "abc123",  // replace with a strong password
    roles: [
      { role: "userAdminAnyDatabase", db: "admin" },
      { role: "clusterMonitor", db: "admin" }
    user: "graylog",
    pwd: "qwerty12345",
    roles: [ { role: "readWrite", db: "graylog2023" } ]

And this is my error from the graylog.log.
I do not know why it complain that i use invalid char when i do not have it.
I can connect to mongo using my user cred.

mongosh mongodb:// 
Caused by: java.lang.IllegalArgumentException: The connection string contains invalid user information. If the username or password contains a colon (:) or an at-sign (@) then it must be urlencoded
        at com.mongodb.ConnectionString.<init>( ~[graylog.jar:?]
        at com.mongodb.MongoClientURI.<init>( ~[graylog.jar:?]
        at org.graylog2.configuration.MongoDbConfiguration.getMongoClientURI( ~[graylog.jar:?]
        at org.graylog2.configuration.MongoDbConfiguration.validate( ~[graylog.jar:?]
        at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
        at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
        at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
        at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation( ~[graylog.jar:?]
        at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods( ~[graylog.jar:?]
        ... 5 more

2. Describe your environment:

Red hat 9.2 Plow
graylog graylog-server-5.1.2-1.x86_64

Running 3 graylog servers, every graylog server has mongodb.

Can you verify you are URL encoding the : and @ characters?

In the server.conf info you posted, it looks like your mongo connection string is mongodb://,,

However, the startup error says:

The connection string contains invalid user information. If the username or password contains a colon (:slight_smile: or an at-sign (@) then it must be urlencoded

%3A is urlencoded :
%40 is urlencoded @

You are wrong, the @ and : should be there because it is a delimiter, well if I had them in my username and password I would have to escape them.
But what actually worked, which I find a little strange, is this line.

mongodb_uri = mongodb://USERNAME:PASSWORD@mongodb-node01:27017,mongodb-node02:27017,mongodb-node03:27017/graylog?replicaSet=rs01

I think graylog needs to bold that you only need to enter username and password once at the beginning.
Otherwise, it is natural to enter user and password for each node.

So instead of


I had to use.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.