Events
Take the Microsoft Learn Challenge
Nov 19, 11 PM - Jan 10, 11 PM
Ignite Edition - Build skills in Microsoft security products and earn a digital badge by January 10!
Register nowThis browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
This article outlines how to register MongoDB, and how to authenticate and interact with MongoDB in Microsoft Purview. For more information about Microsoft Purview, read the introductory article.
Metadata Extraction | Full Scan | Incremental Scan | Scoped Scan | Classification | Labeling | Access Policy | Lineage | Data Sharing | Live view |
---|---|---|---|---|---|---|---|---|---|
Yes | Yes | No | Yes | No | No | No | No | No | No |
The supported MongoDB versions are 3.6 to 7.0. You can use this connector to scan MongoDB Atlas as well.
When scanning MongoDB source, Microsoft Purview supports extracting technical metadata including:
During scan, Microsoft Purview retrieves and analyzes sample documents to infer the collection/view schema. The sample size is configurable.
When setting up scan, you can choose to scan one or more MongoDB database(s) entirely, or further scope the scan to a subset of collections matching the given name(s) or name pattern(s).
When object is deleted from the data source, currently the subsequent scan won't automatically remove the corresponding asset in Microsoft Purview.
An Azure account with an active subscription. Create an account for free.
An active Microsoft Purview account.
You need Data Source Administrator and Data Reader permissions to register a source and manage it in the Microsoft Purview governance portal. For more information about permissions, see Access control in Microsoft Purview.
If your data source isn't publicly accessible, set up the latest self-hosted integration runtime.
This section describes how to register MongoDB in Microsoft Purview using the Microsoft Purview governance portal.
To register a new MongoDB source in Microsoft Purview Unified Catalog, do the following:
On the Register sources (MongoDB) screen, do the following:
Enter a Name that the data source will be listed within the Catalog.
Enter the server name. Specify a name to uniquely identify your MongoDB instance in your company. For example, host
for standalone deployment, MyReplicaSetName
for replica set, MyClusterName
for sharded cluster. This value will be used in asset qualified name and cannot be changed.
Select a collection from the list.
Finish to register the data source.
Follow the steps below to scan MongoDB to automatically identify assets. For more information about scanning in general, see our introduction to scans and ingestion.
The supported authentication type for a MongoDB source is Basic authentication.
To create and run a new scan, do the following:
In the Management Center, select Integration runtimes. Make sure a self-hosted integration runtime is set up. If it isn't set up, use the steps mentioned in prerequisites to create a self-hosted integration runtime.
Navigate to Sources.
Select the registered MongoDB source.
Select + New scan.
Provide the below details:
Name: The name of the scan
Connect via integration runtime: Select the self-hosted integration runtime used to perform scan.
Credential: Select the credential to connect to your data source. Make sure to:
Connection string: Specify the MongoDB connection string used to connect to your MongoDB, excluding the username and password. For example, mongodb://mongodb0.example.com:27017,mongodb1.example.com:27017/?replicaSet=myRepl
, mongodb+srv://mongodb0.example.com/?authSource=admin&replicaSet=myRepl
.
Databases: Specify a list of MongoDB databases to be imported. The list can have one or more database names separated by semicolon (;), e.g. database1; database2
.
Collections: The subset of collections to import expressed as a semicolon separated list of collections, e.g. collection1;collection2
. All collections are imported if the list is empty.
Acceptable collection name patterns can be static names or contain wildcard %. For example: A%;%B;%C%;D
:
Usage of NOT and special characters aren't acceptable.
Number of sample documents: Number of sample documents to be analyzed for schema extraction. Default is 10.
Maximum memory available (applicable when using self-hosted integration runtime): Maximum memory (in GB) available on customer's VM to be used by scanning processes. It's dependent on the size of MongoDB source to be scanned.
Select Test connection to validate the configurations.
Select Continue.
Choose your scan trigger. You can set up a schedule or ran the scan once.
Review your scan and select Save and Run.
To view existing scans:
To edit, cancel, or delete a scan:
Go to the Microsoft Purview portal. On the left pane, select Data Map.
Select the data source. You can view a list of existing scans on that data source under Recent scans, or you can view all scans on the Scans tab.
Select the scan that you want to manage. You can then:
Note
Now that you've registered your source, follow the below guides to learn more about Microsoft Purview and your data.
Events
Take the Microsoft Learn Challenge
Nov 19, 11 PM - Jan 10, 11 PM
Ignite Edition - Build skills in Microsoft security products and earn a digital badge by January 10!
Register nowTraining
Module
Manage a vCore-based Azure Cosmos DB for MongoDB cluster - Training
Manage a vCore-based Azure Cosmos DB for MongoDB cluster.
Certification
Microsoft Certified: Information Protection and Compliance Administrator Associate - Certifications
Demonstrate the fundamentals of data security, lifecycle management, information security, and compliance to protect a Microsoft 365 deployment.