Skip to content
OpsTower Docs

MongoDB Connection

The MongoDB connection integrates your MongoDB database with OpsTower, giving agents the ability to run read-only find and aggregate queries against your collections. All queries return results capped at 100 documents per query.

Prerequisites

Section titled “Prerequisites”

You need a MongoDB instance that is accessible over the internet. MongoDB Atlas, self-hosted instances, and managed providers (Railway, Render, etc.) are all supported.

Credentials Required

Section titled “Credentials Required”

To set up a MongoDB connection, you need the following:

  • Connection String — a standard MongoDB connection URI (mongodb:// or mongodb+srv://)
  • Database (optional) — the default database name for queries (overrides the database specified in the connection string)

How to Find Your Connection String

Section titled “How to Find Your Connection String”

MongoDB Atlas

Section titled “MongoDB Atlas”
  1. Log in to cloud.mongodb.com and open your cluster.
  2. Click Connect in the cluster overview.
  3. Select Drivers as the connection method.
  4. Copy the connection string. It will look like: mongodb+srv://username:password@cluster0.abc123.mongodb.net/mydb
  5. Replace <password> with your database user’s actual password.

Self-Hosted

Section titled “Self-Hosted”

Use the standard MongoDB connection string format:

mongodb://username:password@host:27017/database

Railway / Render / Other Providers

Section titled “Railway / Render / Other Providers”

Copy the MongoDB connection string from your provider’s dashboard. It is usually found in the service’s connection or environment variables section.

Network Access (Atlas)

Section titled “Network Access (Atlas)”

Cloudflare Workers run across a global network of data centers and do not have fixed IP addresses. If you are using MongoDB Atlas, you must configure your network access to allow connections from any IP address.

  1. In the Atlas dashboard, go to Network Access in the left sidebar.
  2. Click Add IP Address.
  3. Click Allow Access from Anywhere, which sets the allowlist to 0.0.0.0/0.
  4. Click Confirm.

Your connection is still secured by username/password authentication and TLS encryption in transit. The IP allowlist is an additional layer, not the primary security mechanism.

Security Considerations

Section titled “Security Considerations”

OpsTower only runs read-only operations against your MongoDB database. Agents use find (with filters, projections, and sort) and aggregate (with pipelines) — no insert, update, or delete operations are performed.

For additional safety, create a dedicated read-only user for OpsTower:

db.createUser({
  user: "opstower",
  pwd: "your-secure-password",
  roles: [{ role: "read", db: "your_database" }]
});

This ensures that even if OpsTower’s query restrictions were somehow bypassed, the database user itself cannot perform mutations.

Setting Up the Connection in OpsTower

Section titled “Setting Up the Connection in OpsTower”
  1. In OpsTower, navigate to Connections in the sidebar.
  2. Click Add Connection and select MongoDB.
  3. Enter your Connection String.
  4. Optionally specify a Database name (leave blank to use the database from the connection string).
  5. Click Test Connection to verify your credentials.
  6. Click Save to create the connection.

What Agents Can Do with MongoDB

Section titled “What Agents Can Do with MongoDB”

Once connected and enabled on an agent, the agent can:

  • Run find queries with filters, projections, sorting, and limits
  • Run aggregate pipelines with stages like $match, $group, $sort, $project, $unwind, and $lookup
  • List all collections in the database with document counts and sample field structures
  • Reference the MongoDB query operator docs for syntax help

Agents are guided to use list_collections first to discover available data, then write targeted queries. The tool descriptions include links to MongoDB documentation so agents can self-serve when encountering unfamiliar query patterns.

Troubleshooting

Section titled “Troubleshooting”
  • Connection refused / timeout: Verify that your MongoDB instance is reachable from the internet. For Atlas, ensure you have set Network Access to Allow Access from Anywhere (0.0.0.0/0).
  • Authentication failed: Double-check the username and password in your connection string. Ensure the user exists and has read access to the target database.
  • Database not found: If you specified a database name, verify that it exists. You can leave the database field blank to use the default from the connection string.
  • “not primary” or replica set errors: Ensure your connection string includes the full replica set URI. For Atlas, always use the mongodb+srv:// format.
  • Slow queries: MongoDB agents are capped at 100 documents per query. Use specific filters and projections to narrow results. For aggregation, add $match stages early in the pipeline to reduce the working set.