IBM Security Guardium

  • 1.  ATAP Error - MongoDB Server

    Posted Thu October 14, 2021 10:28 AM
    Hi!
    I have MongoDB server that have two instances - Mongod + Mongos with SSL encryption. 
    I created "store-conf" to mongod. when I tried to create also "store-conf" for mongos I got this error: 
    "ERROR: Conflicting instance created by user root, please login as root and remove /usr/local/guardium/etc/guard/root/mongod_D.conf, then activate as root again"

    The name for the files are different. 

    Hope someone can help me :)

    Thanks,
    Eden.

    ------------------------------
    Eden Amsalem
    ------------------------------


  • 2.  RE: ATAP Error - MongoDB Server

    Posted 16 days ago
    Hi Eden,
    Hope the issue is resolved already.

    When both instances share the same install dir, you only need to configure once after that activate it.  Run '/usr/local/guardium/modules/ATAP/current/files/bin/guardctl list-active' as root and check if you see 1 or 2 instance(s) as active. In the collector GUI, if both instances share the same listener port you only need to setup 1 Inspection Engine. Configure 2 inspection engines only if the ports are different.

    Demi

    ------------------------------
    DEMI SIEW PING LEE
    ------------------------------



  • 3.  RE: ATAP Error - MongoDB Server

    Posted 16 days ago
    Hello Eden,

    In your server, is a single executable used for both instances? Do they share the same install dir?
    For a multi-instance configuration where a single executable is used for all of the instances, guardctl activate should only be done once as it will be effective for all instances. You could refer to following technote for more information:
    https://www.ibm.com/support/pages/node/6366685

    Thanks.

    ------------------------------
    Zimeng Zhang
    ------------------------------