MongoDB Logging Private Messages in Plain Text

Description

While troubleshooting an unrelated issue last week, our team discovered that all messages are logged in plain-text in MongoDB’s logfile. Here’s an example of what these logs look like on our end (expanded a bit for readability):

2021-03-29T12:12:22.473-0400 I COMMAND  [conn7] command rocketchat.rocketchat_message command:
insert: {
    insert: "rocketchat_message",
    documents: [{
        _id: "<id>",
        rid: "<rid>",
        msg: "test",
        ts: new Date(1617034342152),
        u: {
            _id: "<id>",
            username: "example1"
        },
        unread: true,
        mentions: [],
        channels: [],
        _updatedAt: new Date(1617034342268)
    }],
    ordered: true,
    lsid: { id: UUID("<uuid>") },
    $clusterTime: {
        clusterTime: Timestamp(1617034342, 1),
        signature: {
            hash: BinData(<params>),
            keyId: 0
        },
    $db: "rocketchat"
}

Since discovering this issue, I’ve been completely unable to mitigate this as my familiarity with MongoDB’s configuration is rudimentary at best.

If at all possible, we would like to disable/prevent MongoDB’s logging on these inserts on rocketchat.rocketchat_message…or at the very least prevent the messages themselves from being displayed in the logfile in plain text.

Server Setup Information

  • Version of Rocket.Chat Server: 3.12.0
  • Operating System: CentOS 7
  • Deployment Method: tar (manual)
  • Number of Running Instances: 1
  • DB Replicaset Oplog: enabled (rs01) – can provide the actual log if required; or portions of it.
  • NodeJS Version: 12.18.4
  • MongoDB Version: 4.0.23
  • Proxy: Nginx
  • Firewalls involved: firewalld/iptables

Any additional Information

RocketChat is configfured to only log errors – though this likely doesn’t affect MongoDB’s logs

Additionally, of Mongo’s DBs, all of them are currently set to a verbosity level of 0, with no additional configuration away from the default – after trying to wrap my head around Mongo’s log levels today, I’m not sure this is really the solution either.

I’ve posted this question in a few different places thusfar to no avail.

If anyone has any resources on how to combat this, it would be greatly appreciated.

Did you find a solution to this problem?

In our case in particular, it looks like the cause of the long-running inserts (causing the messages to be logged in plain-text) was due to DB degredation; which may have been brought about by a power failure – though, no other disk corruption occurred, so we’re not 100% sure.

We ran a DB repair, and that seems to have “fixed” the performance issues – this, in turn, meant that insert ops for message sending were no longer taking “too long”, and therefore were not being written in plain-text in the mongod log.

But, I realize that may not work for everyone – especially given the nature of the issue.

I was able to find the redactClientLogData option; though were were wholly unable to utilize this option, as its limited to the enterprise release, unfortunately.

Outside of trying to improve DB performance, or utilizing the redactClientLogData option with MongoDB Enterprise…we’ve not found any sure-file fix.