Hi, I run Graylog 2.5 on 4 nodes with the following setup:
4 docker containers:
- Graylog (2.5)
- Mongo (3.6.19)
- Elastic ( Coordinating only node 6.8.5 )
I have made dump of mongodb using mongodump and then restored it to separate mongodb cluster and replica set using mongorestore, ( mongodb 3.6.21)
I have validated on mongo that all previous users with their passwords and roles do exist on a new mongodb cluster/replicaset
After that i have changed setting of mongo_db uri to point to the new replica set.
Graylog starts succesfully, i see all streams/dashboards/extractors there, and i see that nodes continue to ingest messages to elastic. I am unable to see ANY messages in any streams. On mongodb containers. on the new cluster i see the following in logs:
2021-02-05T21:04:12.902+0000 I ACCESS [conn130] Unauthorized: not authorized on admin to execute command { serverStatus: true, $db: “admin” }
2021-02-05T21:04:35.706+0000 I ACCESS [conn119] Unauthorized: not authorized on admin to execute command { serverStatus: true, $db: “admin” }
2021-02-05T21:04:54.774+0000 I ACCESS [conn113] Unauthorized: not authorized on admin to execute command { serverStatus: true, $db: “admin” }
When switching mongo_uri back to old cluster, all messages are visible again. Please give me direction