This seems to apply to the docker version only, and maybe only to older ones that were installed some time ago.
What happened
Everytime I tried to access the “Insights” menu item on my docker hosted Unifi network application I got a short popup telling me
“An error occured while trying to retreive logs”
Further investigation
The browsers web developer console reported some 500 error while trying to access the audit API url.
Looking into the applications server log (ususally located at /config/logs/server.log) I found the following error every time the above happened (output shortened for better readability):
com.mongodb.MongoCommandException: Command failed with error 13 (Unauthorized): ‘not authorized on unifi_audit to execute command
So it looks like some permission error in the underlying mongodb.
Checking the installation
So I checked the installation instructions again and according the init-mongo.sh script provided with the docker installation instructions the permissions for the database unifi_audit should already be in place.
So I compared that to the version I used to install the application some time ago … and yes, in the old version the role to access unifi_audit was missing (according to github that line was added in May 2025, shortly after my deployment).
As I had zero experience with mongodb (besides starting up a readily prepared docker container) I had to take a “Google crash course” in order to make my first steps here.
MongoDB action
The authentication credentials match the ones specified during installation in your docker-compose.yml:
linux # cat docker-compose.yml
<...>
unifi-db:
image: docker.io/mongo:8.0
container_name: unifi-db
environment:
- TZ=Europe/Berlin
- MONGO_USER=unifi
- MONGO_PASS=unifi_pw
- MONGO_DBNAME=unifi
- MONGO_AUTHSOURCE=admin
- MONGO_INITDB_ROOT_USERNAME=admin
- MONGO_INITDB_ROOT_PASSWORD=admin_pwConnecting to mongodb
linux # docker exec -ti unifi-db mongosh --port 27017 -u admin -p admin_pw --authenticationDatabase 'admin'
Current Mongosh Log ID: 54aab738af562bfda89b03c
Connecting to: mongodb://@127.0.0.1:27017/?directConnection=true&serverSelectionTimeoutMS=2000&authSource=admin&appName=mongosh+2.5.6
Using MongoDB: 8.0.12
Using Mongosh: 2.5.6
For mongosh info see: https://www.mongodb.com/docs/mongodb-shell/
<...>
test>Ok, so we’re connected. Now let’s see what users we have in our database “admin“:
test> user admin
switched to db admin
admin> db.getUsers()
{
users: [
{
_id: 'admin.admin',
userId: UUID('598be8c2-af61-493f-9b51-13b10244643c'),
user: 'admin',
db: 'admin',
roles: [ { role: 'root', db: 'admin' } ],
mechanisms: [ 'SCRAM-SHA-1', 'SCRAM-SHA-256' ]
},
{
_id: 'admin.unifi',
userId: UUID('151c20d5-27ff-4fe1-aff2-0681543bd4b8'),
user: 'unifi',
db: 'admin',
roles: [
{ role: 'dbOwner', db: 'unifi_stat' },
{ role: 'dbOwner', db: 'unifi' }
],
mechanisms: [ 'SCRAM-SHA-1', 'SCRAM-SHA-256' ]
}
],
ok: 1
}
So as we can see our user unifi currently only has access to the unifi and the unifi_stat databases.
Modifying mongodb permissions
Time to add some permissions:
admin> db.grantRolesToUser("unifi", [ { role: 'dbOwner', db: 'unifi_stat' }, { role: 'dbOwner', db: 'unifi' }, { role: 'dbOwner', db: 'unifi_audit' } ] )
{ ok: 1 }
admin> db.getUser("unifi")
{
_id: 'admin.unifi',
userId: UUID('151c20d5-27ff-4fe1-aff2-0681543bd4b8'),
user: 'unifi',
db: 'admin',
roles: [
{ role: 'dbOwner', db: 'unifi' },
{ role: 'dbOwner', db: 'unifi_audit' },
{ role: 'dbOwner', db: 'unifi_stat' }
],
mechanisms: [ 'SCRAM-SHA-1', 'SCRAM-SHA-256' ]
}Well that’s about it … error is gone … now waiting for flows …