Skip to main content

Data Source Management

Data Sources is the configuration hub of the Ops Platform—every monitored host, middleware, and cluster is registered here, and registering data sources is the first step after the platform is installed. Both the Resource Monitoring menus and the available types in Alert Rules are determined dynamically by the data sources enabled here.

Data source management

Supported Types

TypeMultiple InstancesConnection
PrometheusBuilt-in singletonPlatform's own metrics store; read-only, cannot be disabled or deleted
HostHost address (port connectivity and similar monitoring)
MySQLHost / port / username / password
MongoDBConnection URI, replica set supported
RedisHost / port / password / DB
KafkaBroker address, SASL supported
ElasticsearchAddress + HTTP Basic authentication
KubernetesOut-of-cluster (static): see Monitoring Kubernetes Clusters
FlinkSingleton entryFlink Web UI address (once enabled, a Flink entry appears on the left, accessed via the platform's reverse proxy)

Purposes

Each data source has one or more purposes selected, which determine where it appears across features:

PurposeEffect
DashboardsDisplays this instance's dashboard under the corresponding Resource Monitoring menu
AlertingAllows creating rules for this instance under Alert Rules
Slow Query DiagnosisMongoDB only: enables slow query analysis and index diagnosis

Account Permissions for Monitored Targets

Before registering, prepare an account with the appropriate permissions for each target (the platform observes read-only):

TargetRequired Permissions
MySQLSELECT, SHOW DATABASES, PROCESS, REPLICATION CLIENT
MongoDBroot recommended; see the minimal-privilege example below
RedisData read permission
KafkaIf authentication is enabled, permission to read cluster metadata
ElasticsearchIndex read/write permission
FlinkWeb address must allow access from the Ops Platform's internal network

MongoDB minimal privileges (readWrite / dbAdmin are used for index creation in slow query diagnosis):

use admin
db.createUser({
user: "opsuser", pwd: "your_secure_password",
roles: [
{ role: "clusterMonitor", db: "admin" },
{ role: "readAnyDatabase", db: "admin" },
{ role: "clusterManager", db: "admin" },
{ role: "dbAdmin", db: "mdwsrows" }, { role: "readWrite", db: "mdwsrows" },
{ role: "dbAdmin", db: "mdservicedata" }, { role: "readWrite", db: "mdservicedata" },
{ role: "dbAdmin", db: "mdworksheet" }, { role: "readWrite", db: "mdworksheet" },
{ role: "dbAdmin", db: "mdworkflow" }, { role: "readWrite", db: "mdworkflow" }
]
})

Operations

  • Create: click New Data Source at the top right → choose a type → fill in the connection details.
  • Test connection: performs a real authentication check with actual credentials (MongoDB ping, MySQL login, Kafka metadata fetch, Redis AUTH, ES authentication request)—not just a port probe.
  • Enable / disable: toggle the switch in the list. Once disabled, the corresponding Resource Monitoring menu and alert types are automatically hidden, and existing alert rules stop being scheduled.
  • Edit: existing saved passwords are shown masked; leave blank to keep them unchanged.
Credential Security

Passwords and connection URIs are AES-encrypted with ENV_ALERT_CRYPTO_KEY before being stored, and interfaces always return masked values. Be sure to set and safeguard this key on first deployment—changing the key will make already-stored credentials undecryptable and require re-entering them.