Skip to content

Ops Tools

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

227 results found

  1. Need an alert for KMIP master key rotation

    Currently opsmanager has manual rotation of KMIP master keys.

    Enhancement required:
    Need an alert from project level to rotate keys when nearing the schedule rotation just like SSL expiration alerts

    Need for automation of this key rotation would be helpful. If fails, it needs to revert back changes and alert for human intervention.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Add Public API Endpoint for Backup Snapshot Status

    When a snapshot is ongoing, the only location to find information on the current status is in the UI on the backup page for a project.

    An API endpoint with the same information as the UI would allow for automation and alerting tools if the snapshot creation is not performing as expected.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Add support for zstd compression in Ops Manager connection string

    I just tried to enable zstd on the mongo.mongoUri connection string for Ops Manager and it looks like it's not supported

    Feb 6 13:53:20 opsmanager1 mongodb-mms[3971104]: An unexpected error occurred during pre-flight checks: com/github/luben/zstd/ZstdInputStream
    Feb 6 13:53:20 opsmanager1 mongodb-mms[3971104]: java.lang.NoClassDefFoundError: com/github/luben/zstd/ZstdInputStream

    Given the high network in/out values we see from the mongo underlying Ops Manager, I think zstd is likely to be very effective and helpful!

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. SAML sign either Response or Assertion in Ops Manager

    Ops Manager currently requires both the Response and Assertion to be signed for SAML auth. Our IDMS system cannot authenticate via SAML as it can sign either one or the other, not both. We would like a configurable option in Ops Manager SAML auth to enforce signing of Response or Assertion.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Ops Manager: API endpoint for /databases should not require host

    Currently the Ops Manager API to list databases requires a hostname: /groups/{PROJECT-ID}/hosts/{HOST-ID}/databases

    It would useful to gather databases on a project or cluster level instead as the databases are the same across replica set members.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Add a cross reference of all projects and roles to user profile

    I must click on projects to display all the projects in my list, click the Users link for a project, then search for my ID to see the roles assigned to my ID.

    My idea is to consolidate this information and display it under my user profile similar to the Organization page. 3 clicks display my roles for each project on a single page.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. add organisation name to project name when project name is not unique

    There are multiple places where we need choose project. for example, to create global alerts we can exclude some projects from this alert.

    The issue is project name is not unique and there could be projects with the same name in different organisations. For example, every organisation may have project dev or test.

    it comes to the issue that you will see in the list of projects "dev,dev,dev,dev" and you don't understand which one you want to use.

    it will be much better to display them in the format "org/project", so the example above would be "org1/dev, org2/dev, org3/dev" which…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Set log file permissions using Ops Manager

    Currently there is no way to set the log file permissions from Ops Manager and the default value is 600. Our organization uses Splunk and with the current settings the Splunk user is not able to read the log files. Config file options such as processUmask and honorSystemUmask can be used to change the log file permissions, but they will also change other files such as journal files, wiredtiger files, etc. The only option we have is to add the Splunk user to our role group in Unix, but this causes a security issue.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. OPS Manager should call updateUser to change password to trace it in DB Audit.

    If you enable auditing in database, you can't trace change password actions. The reason is OPS Manager updates system.user collection record directly. as a result, this action is not traceble in audit if parameter auditAuthorizationSuccess is not enabled.

    But enabling this parameter cause performance degradation as all DML/DDL will be sent through audit layer.

    Dropping user at the same time happening as expected and traceable in audit files.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Agent authentication to opsmanager using x509 credentials

    Similar to how Opsmanger can use x509 to manage deployments, it should be possible to configure the agents to use x509 credentials to communicate with Opsmanager. This will allow for a more consistent security posture across the whole mongodb/opsmanager stack. It would also simplify security procedures such as credential rotation by unifying the authentication mechanism.

    This will be an alternative to the existing API Key approach https://www.mongodb.com/docs/ops-manager/current/tutorial/manage-agent-api-key/index.html

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Ability to remove parameter tlsCertificateKeyFilePassword from Advanced configuration

    Currently the behavior around this parameter is tricky -once you added this parameter to advanced config - you can't remove it. if you try to remove it - OPS Manager simply ignores this action and when you run "Review and Deploy" - it displays nothing but still let you deploy this "nothing". similar if you want to set the value of this parameter to empty string from something - OPS Manager ignores it and deploy empty list of actions.

    the workaround is to remove both tlsCertificateKeyFile and tlsCertificateKeyFilePassword in advanced config, but don't deploy it. then add back tlsCertificateKeyFile parameter…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. When changing snapshot retention, prompt user to apply new policy to existing snapshots

    Currently when you change the snapshot schedule, the changes only apply to NEW snapshots.

    Please allow the user the option to apply the new policy automatically to all existing snapshots. Or at the very least, notify them of them of snapshots that exist which do not meet the current policy!


    Let me provide an example of the problem. If you have a retention policy of 10 days and on DAY1 you change it to 30 days, your retention will look like this:

    DAY1 - 10 snapshots
    DAY2 - 10 snapshots
    ...
    DAY10 - 10 snapshots
    DAY11 - 11 snapshots
    DAY12…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Lock enableLocalConfigurationServer setting on OPS Manager side

    To harden security for mongodb deployment managed by OPS Manager, we can use setting enableLocalConfigurationServer = true so automation-mongod.conf won't have any passwords for ssl certs and agent will retrieve them from OPS Manager.

    to disable this feature and to read all passwords for ssl certs (and hence get access to mongodb data) it's enough to comment out this parameter an restart automation service (or wait until host will be restarted).

    Linux root user can modify any file on mongodb host including this file and can restart any services, so it's impossible to protect getting all passwords and mongod.conf from…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. I found what I believe to be an error in the following document

    I found what I believe to be an error in the following document.
    https://www.mongodb.com/docs/ops-manager/current/tutorial/install-simple-test-deployment/

    In the section "5. Create the Ops Manager Application Database directory," it instructs to execute the following command
    sudo chown -R mongod:mongod /data

    In my environment, the mongod user does not exist and I get an error, but looking at the passwd file, the mongodb user and mongodb group seem to exist. The version is 11.7.

    I think the correct command is as follows
    sudo chown -R mongodb:mongodb /data

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Operating System distribution and version of a host in OPS Manager API

    Hi,
    would be useful having the operating system distribution and version of a host for our automation scripts.
    This info is not available in any OPS Manager API request, as the case 01119828.
    My suggestion is add this info at "Get Host by ID" https://www.mongodb.com/docs/ops-manager/current/reference/api/hosts/get-one-host-by-id/
    Best regards,
    Danilo

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Ability to mark a deployment as an INELIGIBLE restore target

    Restoring to a cluster is one of the few destructive actions that Ops Manager takes and it's terrifying to see our main production cluster listed as a possible restore target!

    I would love to be able to toggle a setting on this cluster to indicate that it is NOT available as a restore target.

    This could be similar to the AWS "DisableApiTermination" feature that prevents instance termination.
    https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Add flexibility to disable and enable specific fetures of managing mongodb instance in OPS Manager (like user Sync)

    Currently , Mongodb admin can not select to disable or enable feature after put mongodb manageed under OPS Manager. like security control .

    Normally , Security control is not mongodb or Ops manager admin's responsibility , which is managed by a enterprice access control team.

    1 , In opsmanager , there is not role for security control, like useradmin in mongodb.
    2 , When ACCESS control team create role in mongodb. Ops Manager sycn it back.
    3 , Opsmanager admin have to be engaged to work with ACCESS control team to complete the task.

    It is kind of not least…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Ability to start the bi connector using a .drdl file in Ops Manager

    Ability to start the bi connector using a .drdl file in Ops Manager. Currently only possible with en premise bi connector deployment(mongosqld).

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. Add possibility to configure the process hostnames for the automation config map

    In order to use external certificates could it be possible to configure the process hostnames in automation config map

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. TLS secret key config

    Add option to configure the secret keys for the server and CA certificate and replace the default ones tls.crt, tls.key and ca.crt

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

Feedback and Knowledge Base