Get Started with Operations Insights

Set Up Groups, Users and Policies

Before you can start using Operations Insights, your tenancy administrator has to create Oracle Cloud Infrastructure user accounts, create a group for these users to belong to, and then assign these user accounts to that group.

There are two types of Operations Insights users, each with different operational profiles: Administrators and Non-administrators.

If you already have an existing group, you may use that group to control access to Operations Insights and skip the group creation procedure. Simply grant Operations Insights resource permissions to this pre-existing group. There is no requirement to create a separate group exclusively for Operations Insights.

For example, you may already have a DB administrator (DBAdmin) group that has USE permission on the opsi-family. In this case, skip the group and user creation topic and proceed directly to policy creation and just grant the requisite permissions to the DBAdmin group.

This section covers the following topics:

Create an Administrator Group, User and Policy

Define policies to give the group and the administrator accounts that belong to it the ability to enable Operations Insights on OCI resources.

In the following procedures, you will create a new group called opsi-admins, add the user opsiadmin to this group, and create a new policy called opsi-admin-policy that grants administrators Operations Insights enable/disable permissions on their full fleet of resources.

Create an Administrator Group and User
  1. Log into the Console as a tenancy administrator and open the navigation menu.
  2. Under Governance and Administration, go to Identity and click Groups.

    A list of the groups in your tenancy displays.

  3. Click Create Group and create a new group.
  4. Enter a meaningful name. For example, opsi-admins.
  5. (Optional) Enter a description. Avoid entering confidential information.
  6. Click Create Group.
  7. Go back to Governance and Administration, select Identity and click Users. A list of the users in your tenancy displays.
  8. Click Create User and create one or more new users. Create a user named opsiadmin.
  9. Add the user opsiadmin to the opsi-admin group.
    1. Go back to Governance and Administration, select Identity, and then click Users.

      A list of the users in your tenancy displays.

    2. Select one or more users and add them to the group authorized to use Operations Insights.
Create an Administrator Policy

Users can only use Operations Insights if their group has been granted the requisite permissions. To allow the opsiadmin administrator to enable/disable Operations Insights on their full fleet of resources and access to all analytics data, you must create an identity policy to grant the opsi-admin user group permissions.

  1. Log into the Console as your tenancy administrator.
  2. Open the navigation menu.
  3. Under Governance and Administration, go to Identity and click Policies.
  4. Use the To create a policy instructions and give the policy a meaningful name. For example, opsi-admin-policy.
  5. Add the following policy statements to allow the group to enable/disable Operations Insights. For example, for the opsi-admin group, add the following:
    allow group opsi-admins to manage opsi-family in tenancy

    For Autonomous Databases:

    allow group opsi-admins to use database-family in tenancy

    For External Databases:

    allow group opsi-admins to use external-database-family in tenancy


    Image shows the Create Policy UI.

    Note

    This policy can also be applied to a specific compartment as well, i.e, allow the group opsi-admins to use the autonomous-database-family in compartment prod-db-compartment for instance.

  6. To allow the group to create/enable/disable a Management Agent Host, Enterprise Manager database, and update or add tags to all Operations Insights resources, also add the following:
     allow group opsi-admins to manage opsi-family in tenancy

    For information about the opsi-users group, see Create a Non-administrator Group, User and Policy.

  7. Click Create.

Create a Non-administrator Group, User and Policy

To control access to Operations Insights resources, you want to limit the permissions and privileges of non-administrator users. To do this, you should use a separate group for regular users.

Use the following procedures to create a regular user for Operations Insights:

Create a Non-administrator Group and User

In the following procedures, you will create a new group called opsi-users, add the user opsiuser to this group, create a new policy called opsi-user-policy, and add the user opsiuser to this group.

  1. Log in to the Console as your tenancy administrator and navigate to Governance and Administration > Identity and click Groups.

    A list of the groups in your tenancy displays.

  2. Click Create Group and create a new group.
  3. Enter a meaningful name. For example, opsi-users.
  4. (Optional) Enter a description. Avoid entering confidential information.
  5. Click Create Group.
  6. Go back to Governance and Administration, select Identity and click Users. A list of the users in your tenancy displays.
  7. Click Create User and create one or more new users. Create a user named opsiuser.
  8. Add opsiuser to the opsi-users group.
    1. Go back to Governance and Administration, select Identity, and then click Users.

      A list of the users in your tenancy displays.

    2. Select one or more users and add them to the group authorized to use Operations Insights.
Create a Non-administrator Policy

Users can only use Operations Insights if their group has been granted the requisite permissions. To allow the opsiuser user to enable/disable Operations Insights on only Autonomous Databases within their tenancy, you must create an identity policy to grant the opsi-users user appropriate group permissions.

  1. Log in to the Console as your tenancy administrator and navigate to Governance and Administration > Identity and click Policies.
  2. Use the To create a policy instructions and give the policy a meaningful name. For example, opsi-user-policy.
  3. Add a policy statement to allow the group to enable/disable Operations Insights. For example, for the opsi-users group, add the following:
    allow group opsi-users to use opsi-family in tenancy
  4. Click Create.

Access Operations Insights

There are two ways to access the Operations Insights Console: Through the Oracle Cloud Infrastructure Console or from the Oracle Database Service details page in Oracle Cloud Infrastructure.

Oracle Cloud Infrastructure Console

To access Operations Insights, you can first sign in to the Oracle Cloud Infrastructure Console, and then access Operations Insights via the Oracle Cloud Infrastructure Console main menu.

Open the navigation menu, click Observability & Management. Under Operations Insights, click Overview.

Database Service Details

For a database managed within OCI, you can access Operations Insights directly from the database's details page. Operations Insights options appear in the lower-left corner of the page. These options vary depending on whether or not a database has been enabled for Operations Insights.

  • Database is already enabled.

    If Operations Insights has been enabled for a database, Disable and View links appear. Click Disable to disable Operations Insights for the database directly without accessing the Console. Click View to access the Operations Insights Overview page.

  • Database is not enabled.

    If Operations Insights is not currently enabled for the database, an Enable link appears,which allows you to enable Operations Insights for the database without having to access the Operations Insights Overview page.

Application Menu and Scope

When you select either Databases or Hosts from the Capacity Planning menu, a Resources sub-menu is presented.

For Databases: Summary, CPU, Storage, Memory, and I/O.

For Hosts: Summary, CPU, and Memory

These pages comprise the Capacity Planning application of Operations Insights Service.

Below the sub-menu are Scope and Filters sections that define the global time and target scope shared across the Capacity Planning application.

For Databases

  • Compartment: Capacity Planning is scoped to all databases enabled for Operations Insights and belonging to a specific compartment.
  • Database Type: The database scope can be further narrowed by filtering on database type.
  • Database: This option allows you to narrow the scope to a single database. To limit the number of databases that appear in the drop-down menu, you can type in a partial name to filter out unwanted databases.
  • Time Range: This is the historical time period on which Capacity Planning trends and forecasts will be based, ranging from previous day up to last 25 months.

For Hosts

  • Compartment: Capacity Planning is scoped to all hosts enabled for Operations Insights and belonging to a specific compartment.
  • Platform Type: The host operating system type.
  • Host: This option allows you to narrow the scope to a single host. To limit the number of hosts that appear in the drop-down menu, you can type in a partial name to filter out unwanted hosts.
  • Time Range: This is the historical time period on which Capacity Planning trends and forecasts will be based, ranging from previous day up to last 25 months.

Filtering Databases and Hosts Across Applications

To restrict Capacity Planning (databases or hosts) and Oracle SQL Warehouse insight/analysis to a subset of enabled databases/hosts, use the Database Name/Host or Host filter.


The graphic shows the Filter sub-menu with the Database Name/Host filter highlighted

  1. Click Select to display the Select by Names/Hosts dialog.
  2. Choose how you want to select databases. Under Select Databases By, choose whether you want to select databases by name or host name (all databases that reside on the selected host). Similarly, you can select from a list of enabled hosts if you are working with Hosts insight/analysis.
  3. Depending on the option you chose in step 2, select a database or host from the drop-down list. Repeat this step until you've added all databases/hosts of interest.
  4. Click Apply.

To remove the filter, click Clear.

Note

Cross-compartment analysis is not supported at this time.

Filtering Databases and Hosts Using Tags

You can filter host and database resources by namespaces, tags, and tag values. Tag filtering lets you display only those resources for which a specific tag has been assigned. This can greatly simplify resource management. For example, you want to perform Capacity Planning on your production databases only. By tagging your production databases with a Lifecycle State of Production, you can easily isolate only the production databases in Operations Insights.


Graphic shows the Tag filter menu option.

For more information about tags and how to use them for filtering, see To filter a list of resources by a tag.

  1. Click Add to display the Apply a Tag Filter dialog.
    Graphic shows the Apply Tag dialog.

  2. Select a Tag Namespace (optional) and enter a Tag Key.
  3. To narrow tag filtering, you can define supplementary patterns on which to filter. By default, Match any value is selected. To define additional Tag Key pattern filtering criteria, click Match any of the following and enter the text to be used for filtering. You can define additional text filtering criteria by clicking Add (+) and entering the desired text.
  4. Click Apply Filter.

    To remove the filter, click Clear.

Prerequisites for Enabling Resources

Operations Insights pulls in resource data from multiple sources. Depending on the telemetry, adding resources may require specific prerequisites be met before enabling them for Operations Insights.

There are three telemetries where target data can be pulled from:

The following list prerequisites for each.

Cloud Infrastructure

For autonomous databases running in OCI, there are no prerequisites.

Enterprise Manager

  • Targets must be part of a group (defined in Enterprise Manager).
  • An Object Storage bucket must exist. The visibility of this bucket MUST be private.
  • An OCI bridge must exist.
  • An EM bridge must exist.
  • The EM Bridge requires a policy:
    allow dynamic-group <group_name> to read object-family in compartment <bucket_compartment_name> where ANY{target.bucket.name='embridge-bucket'}

    For instructions on defining policies, see Set Up Groups, Users and Policies.

See Adding Enterprise Manager Targets for more information.

Agent Service

  • Database or Host must be monitored by an OCI Management Agent Service. For more information, see Management Agent.
  • The database needs to have been created and a connector created in the external database handle. For more information, see Creating External Database Handles.
  • In addition to the policies required by the Management Agent setup (Set Up Oracle Cloud Infrastructure for Management Agents), the following two policy statements are also needed in this policy.
    allow dynamic-group Management-Agents-Group to use opsi-family in compartment ABC where request.principal.type = 'managementagent'
    allow dynamic-group Management-Agents-Group to use metrics in compartment ABC

    The reason the metrics policy statement is re-listed is due to the fact that the database can live in a separate compartment from the Management Agent/host. The compartment ABC should be the compartment where the external database was created. The opsi-family policy must be created for both the Management Agent compartment AND the database compartment.

Working with Operations Insights Resources

The first step to using Operation Insights is to enable resources for the service. This allows you to use Operation Insights' powerful analysis and forecasting tools to optimize performance of your IT assets. Operations Insights resources can be disabled and re-enabled as required.

You can:

Enable Databases for the Service

Once a database is enabled, you'll be able to use Operations Insights Capacity Planning and Oracle SQL Warehouse features to optimize performance and resource usage.

Note

The data may take up to 24 hours to appear.

If you want to view more granular data (7 days or less), you can select a smaller time range.

To enable one or more databases from a compartment for Operations Insights, log in to OCI and do the following:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration and then Database Fleet..The Database Fleet Administration page displays.
  2. Click Add Databases. The Add Databases to Operations Insights dialog displays.
  3. Click on the desired Telemetry. Available telemetries are:
    • Cloud Infrastructure: Autonomous databases running in OCI
    • Enterprise Manager: Databases monitored and managed via Enterprise Manager. You'll need to select the EM Bridge. In addition, you'll also need to select the destination compartment as shown in the next step.
    • Agent Service: Databases monitored by the OCI Management Agent Service. You'll need to select the destination compartment as shown in the next step. In addition, you'll also need to select an external connector.
  4. Select the Compartment that contains the database that you want to enable for Operations Insights.
    Note

    This is not needed for Enterprise Manager databases (you select the EM bridge instead) and you choose the destination compartment.

    For Management Agent databases you must also select the connector after selecting the database to enable.

    Optionally, if there are many databases and you know which ones you want to enable, you can filter the returned results based on database type.
  5. Select a database to enable.
    Note

    Autonomous Databases and Enterprise Manager databases allow you to multi-select databases for enablement. The multi-select feature is not available for databases monitored by Management Agents.
  6. Click Enable. The enable request is submitted for processing. Depending on amount of data that needs to be uploaded, it may take a few minutes for the process to complete. Data may take up to 24 hours to appear in Operations Insights for newly enabled database.

Available Actions

Once you've added a database to Operations Insights, in addition to enabling and disabling the database, you can also add tags and move these resources to different compartments (only Enterprise Manager databases can be moved). These actions can be accessed by clicking the vertical ellipses for any database in the Database Fleet table.

Note

Autonomous Databases and databases monitored by Management Agents follow the DBaaS resource compartment.

Disable Databases for the Service

If you no longer want a database covered by Operations Insights capacity planning and SQL analytics functionality, you need to disable the enabled database for Operations Insights.

To disable a database for Operations Insights, log in to OCI and do the following:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration and then Database Fleet..

    The Database Fleet Administration page displays.

  2. Choose the Compartment that contains the database that you want to disable for Operations Insights. Optionally, if there are many databases and you know which ones you want to disable, you can filter the returned results based on database type.

    The Operations Insights State column indicates whether or not a database is currently enabled or disabled.

  3. Select a database to disable.
    Note

    Currently, you can only select one database at a time.
  4. From the Actions menu, select Disable Operations Insights. Operations Insights asks whether you want to enable the selected database.
  5. Click Disable. The disable request is submitted for processing.

Enable Hosts for the Service

Once a host is enabled, you'll be able to use Operations Insights Capacity Planning features to optimize performance and resource usage.

To enable one or more hosts from a compartment for Operations Insights, log in to OCI and do the following:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration and then Host Fleet.

    The Host Fleet Administration page displays.

  2. Click Add Hosts. The Add Hosts to Operations Insights dialog displays with the Agent Service telemetry selected.
  3. Click on the desired Telemetry. Available telemetries are:
    • Enterprise Manager: Hosts monitored and managed via Enterprise Manager. You'll need to select the EM Bridge. In addition, you'll also need to select the destination compartment as shown in the next step.
    • Agent Service: Hosts monitored by the OCI Management Agent Service. You'll need to select the destination compartment as shown in the next step.
  4. Select the Management Agent Compartment that contains the host that you want to enable for Operations Insights. Optionally, if there are many hosts and you know which ones you want to enable, you can filter the returned results based on Host Display Name.
    Note

    This only applies to Agent-based hosts. For hosts monitored by Enterprise Manager, you must select the Compartment/Bridge.
  5. Select one or more hosts to enable.
  6. Click Enable. The enable request is submitted for processing. Depending on amount of data that needs to be uploaded, it may take a few minutes for the process to complete. Data may take up to 24 hours to appear in Operations Insights for newly enabled hosts.

Available Actions

Once you've added a host to Operations Insights, in addition to enabling and disabling the host, you can also add tags and move these resources to different compartments. These actions can be accessed by clicking the vertical ellipses for any host in the Host Fleet table.

Disable Hosts for the Service

If you no longer want a host covered by Operations Insights capacity planning functionality, you need to disable the enabled host for Operations Insight

To disable a database for Operations Insights, log in to OCI and do the following:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration and then Host Fleet.

    The Host Fleet Administration page displays.

  2. Choose the Compartment that contains the host that you want to disable for Operations Insights. Optionally, if there are many hosts and you know which ones you want to disable, you can filter the returned results based on Host Display Name.

    The Operations Insights State column indicates whether a host is currently enabled or not.

  3. Select a host to disable.
    Note

    Currently, you can only select one host at a time.
  4. From the Actions menu, select Disable Operations Insights. Operations Insights asks whether you want to enable the selected host.
  5. Click Disable. The disable request is submitted for processing.

Enable Exadata Systems for the Service

Once an Exadata System is enabled, you'll be able to use Exadata Insights capacity planning features to optimize performance and resource usage.

To enable one or more Exadata Systems from a compartment for Exadata Insights, log in to OCI and do the following:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration.
  2. From the Operations Insights menu, click Exadata Fleet.
  3. Click Add Exadata System. The Add Exadata System to Operations Insights dialog displays.
  4. Select the EM Bridge that contains the Exadata System(s) you want to add from the drop-down menu. If necessary, you can change the compartment where the bridge is located.
  5. Select the Exadata System you want to add from the drop-down menu. Members of the Exadata System are displayed in the Members table.
    Note

    The database and host targets are shown in this table are the only ones which will be created as first-class OCI resources.
  6. Select the Destination Compartment from the drop-down menu.
  7. All Exadata System members shown in the table will be enabled for Operations Insights. Optionally, you can change the Destination Compartment.
  8. By default, the list of Exadata System members will be automatically synchronized to match the member resources in Enterprise Manager. If desired, you can turn off this feature, however, you will have to manually add members via the Exadata Details administration page if new members are added to the Exadata System.
    Note

    Members will not be automatically disabled or deleted.
  9. Click Add Exadata System. The Exadata details page displays.

Available Actions

Once you've added an Exadata System to Operations Insights, in addition to enabling and disabling the system, you can also add tags and move these resources to different compartments (only Enterprise Manager databases can be moved), change the auto-synchronization settings, and add new members.

Disable Exadata Systems for the Service

To disable an Exadata System for Operations Insights, log in to OCI and do the following:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration and then Exadata Fleet.

    The Exadata Fleet Administration page displays.

  2. Choose the Compartment that contains the Exadata System that you want to disable for Operations Insights. Optionally, if there are many hosts and you know which ones you want to disable, you can filter the returned results based on Exadata System Name.

    The Operations Insights State column indicates whether an Exadata System is currently enabled or not.

  3. Select an Exadata System to disable.
  4. From the Actions menu, select Disable Operations Insights. Operations Insights asks whether you want to disable the selected system.
  5. Click Disable. The disable request is submitted for processing.

Adding Enterprise Manager Targets

You can use Operations Insights to perform resource analysis against databases and hosts managed by Enterprise Manager.

Enterprise Manager lets you transfer data from Enterprise Manager targets and Oracle Management Repository (OMR) to an OCI Object Storage bucket, where it is easily accessed by Operations Insights.

System Prerequisites

  • Enterprise Manager 13.5 Release Update 1 or above
  • DB Plugin version 13.5.1.0.0 or above

Data transfer from Enterprise Manager to Operations Insights is configured in two steps:

  1. Set up target-level data transfer from Enterprise Manager to OCI Object Storage.
  2. Set up data transfer from OCI Object Storage to Operations Insights.

Each step involves setting up a data transfer bridge. There are two bridges involved in Enterprise Manager-Operations Insights communication:

  • An Enterprise Manager OCI Bridge to move target-level data from Enterprise Manager to OCI Object Storage bucket.

  • An Operations Insights EM Bridge to move data from the OCI Object Storage bucket to Operations Insights for analysis.

EM Bridge Prerequisites

Before setting up the EM Bridge, you need to create Identity and Access Management (IAM) policies in order to read from the configured Object Storage Bucket. Create a dynamic group and provide permissions for the dynamic group to access the data in the above Object Storage compartment. Additionally, add policies to use the opsi-enterprise-manager-bridge resource, which is part of opsi-family aggregate resource-type. The following examples illustrate the policy creation process.

  • Example rule for bridge dynamic group where the resource can be in any compartment in tenancy:

    ALL {resource.type='opsienterprisemanagerbridge'}
  • Example rule for bridge dynamic group with specific resource compartment OCID:

    ALL {resource.type='opsienterprisemanagerbridge', resource.compartment.id = <opsienterprisemanagerbridge_resource_compartment_OCID>}
  • Example policy to allow the dynamic group READ access to the Object Storage bucket:

    allow dynamic-group <group_name> to read object-family in compartment <bucket_compartment_name> where ANY{target.bucket.name=<embridge-bucket>}
    Note

    For instructions on defining policies, see Set Up Groups, Users and Policies.

Data Flow

Once Enterprise Manager to Operations Insights connectivity is set up, your target data is automatically uploaded at frequent intervals to the Object Storage bucket so that Operations Insights is always working with the most recent target data.

The following graphic illustrates how target data flows from Enterprise Manager to an OCI service once the configuration process has been completed. Highlighted in red is the portion of the setup you will perform for Operations Insights.

Note

The Object Storage bucket must already exist before creating an EM Bridge.

Graphic illustrates the data flow from Enterprise Manager to Operations Insights

For instructions on setting up Enterprise Manager target-level data transfer to the Object Storage bucket and setting up the OCI Bridge for Operations Insights, see Integrating Enterprise Manager with OCI Services in the Enterprise Manager Cloud Control Administrator's Guide.

Create an EM Bridge

You create an EM bridge to move target-level data from an OCI Object Storage bucket to Operations Insights.

To create an EM bridge:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration. The Database Fleet option is selected by default in the Operation Insights navigation menu.
  2. Click EM Bridges. The EM Bridge Administration page displays.
  3. Click Create Bridge. The Create Enterprise Manager Bridge dialog displays.
  4. Enter the following:
    • EM Bridge Name: A user-friendly name that lets you easily identify the source.
    • Compartment: The compartment where the EM bridge will be located.
    • Bridge Description: A meaningful description detailing specifics about the bridge.
    • Bucket Name: The name of the Object Storage bucket where Enterprise Manager target-level data is being uploaded. For more information about buckets, see Managing Buckets.
  5. Click Create Bridge.

The newly created bridge will appear in the EM Bridge Administration page table. Once your bridge is created, you can click on the bridge name in the table to access the bridge's detail page where you can edit the bridge description, move the bridge to a different compartment, add tags, or add/enable/disable databases.

Delete an EM Bridge

You can delete an EM bridge to remove a connection between Operations Insights and the OCI Object Storage bucket.

Important: Before you can delete an EM bridge, you must first disable AND delete all Enterprise Manager resources associated with the EM bridge.

To delete an EM bridge:

  1. Open the navigation menu and click Observability and Management. Under Operations Insights, click Administration. The Database Fleet option is selected by default in the Operation Insights navigation menu.
  2. Click EM Bridges. The EM Bridge Administration page displays.
  3. In the EM Bridge table, click on the EM bridge you want to delete. The details page for the EM bridge displays.
  4. For each enabled resource in the table, choose Disable Operations Insights from the Actions menu. All resources must be disabled.
    Note

    Any Exadata Systems should be disabled and deleted first (this will also disable and delete the child databases and hosts).
  5. For each disabled database in the table, click the vertical ellipses to display the pop-up menu and choose Delete Operations Insights.
  6. Once all databases have been disabled and deleted, click Delete at the top of the EM Bridge details page to start the bridge deletion process.