Release 31.0.9

Release 31.0.9 contains one CVE-related security fix, a generous helping of other bug fixes, and a several small enhancements intended to improve supportability.

The codename for Horizon 31.0.9 is Ballokume.

Breaking changes

  • This release has moved to a newer major version of Spring Security to address a number of CVEs, which necessitated changes to the $OPENNMS_HOME/jetty-webapps/opennms/WEB-INF/applicationContext-spring-security.xml file, so if you have modified this file in your installs, be sure to note your changes so you can re-apply them to the updated version.

  • The script $OPENNMS_HOME/bin/install checked whether $myser equals $RUNAS before sourcing $OPENNMS_HOME/etc/opennms.conf, which caused startup to fail every time unless the script were run as root; if you have patched that file on your system, watch out for a .rpmsave or .dpkg-new file.


  • Codify code copyright conventions and guidelines (Issue NMS-13908)

  • Add diagnostic commands to Karaf shell for various internal schedulers (Issue NMS-14526)

  • Node Properties REST endpoint doesn’t include asset location data (Issue NMS-14785)

  • Add a method for finding and clearing alarms by TTicketID to OPA’s AlarmDAO (Issue NMS-15439)

  • Upgrade Spring Security (Issue NMS-15506)

  • Simplify the installation docs (Issue NMS-15518)

  • Docs: Add info about XSLT to XmlCollector (Issue NMS-15693)

  • Doc: Update DNS provisioning import adapter docs (Issue NMS-15694)


  • Remove unsupported configuration from documentation on Cortex Plugin (Issue NMS-14969)

  • Multiple CVEs for Axis 1.4 (Issue NMS-15061)


  • Fixing typo for event (Issue NMS-15421)

  • Sentinels need local copy of thresholding config. (Issue NMS-15422)

  • Event Datetime element parsing changed between M2018 and M2021 (Issue NMS-15471)

  • install script checks for equality of myuser and RUNAS before sourcing opennms.conf (Issue NMS-15610)

  • timeout is using DEFAULT_TIMEOUT value instead of the value from properties file when no -t option is specified (Issue NMS-15664)

  • Stop packaging activemq-web-console.war (Issue NMS-15686)

  • Database deadlock caused by JdbcFilterDao (Issue NMS-15696)

  • Karaf SSH locks up if connections are terminated improperly (Issue NMS-15714)


  • Need a way to get a heap dump in a Docker container — no jstack/jmap/jcmd (Issue NMS-15532)

  • Docs section about startup configuration and opennms.conf (Issue NMS-15634)

  • OpenAPI docs for Requisition REST service (Issue NMS-15639)

Release 31.0.8

Release 31.0.8 contains four security vulnerability fixes and a generous helping of other bug fixes. It also includes a few small enhancements to the startup scripts and other components.

The codename for Horizon 31.0.8 is Spritzgebäck.


  • POW Arithmetic Operator Does not work with Backshift Graphing Engine (Issue NMS-14779)

  • Cacheable HTTPS Responses - Cache Control Directive Missing or Misconfigured (Issue NMS-14936)

  • REST API: Deleting nodes fails with "could not insert: [org.opennms.netmgt.model.OnmsAssetRecord]" error message (Issue NMS-15033)

  • Plaintext Password Present in the Web logs (Issue NMS-15305)

  • Stored XSS on Quick-Add Node (Issue NMS-15308)

  • Geographical Map map search capability is not as described in the docs (Issue NMS-15426)

  • Foundation-2020: Snmp4JValueFactory: getOctetString displayable should be true (Issue NMS-15599)

  • Jetty CVE-2023-26048/CVE-2023-26049 (Issue NMS-15612)

  • Update to latest groovy 2.x (Issue NMS-15633)

  • $OPENNMS_HOME/etc/THIRD-PARTY.txt has gone missing with Horizon 31.0.6 and onwards (Issue NMS-15636)

  • SNMPv3 support for AES256 appears broken (Issue NMS-15637)

New Feature

  • Add a CLI mechanism to set the admin password (Issue NMS-15221)


  • Add KPI for boolean containerization status (Issue NMS-15368)

  • Add REST endpoint exposing usage analytics KPIs (Issue NMS-15371)

  • Usage statistics docs updated to include containerization status (Issue NMS-15627)


  • Smoke test improvements and small tweaks to help developers (Issue NMS-15387)


  • DOC: Pull changes into foundation branch (Issue NMS-15658)

Release 31.0.7

Release 31.0.7 is an off-cadence release containing several small bug fixes. Most notably, it upgrades the OpenNMS Plugin API host to version 1.4.0, enabling OPA plugins targeting that version to load successfully.

The codename for Horizon 31.0.7 is Snickerdoodle.


  • Adding new thresholds to an existing group often throws an IndexOutOfBoundsException (Issue NMS-15334)

  • A small typo in prevents artifacts from GitHub to be included in containers (Issue NMS-15592)

  • Syslog Northbounder maxMessageSize config option is not used (Issue NMS-15606)


  • Visualization of database-report templates in docs (Issue NMS-15423)

  • Add Velocloud plugin in our core and minion containers (Issue NMS-15567)


  • Implement collector config extensions – NMS side (Issue NMS-15585)

Release 31.0.6

Release 31.0.6 contains a bunch of bug fixes, along with fixes for several security vulnerabilities. It also upgrades the embedded Drools library from v7.x to v8.x, so be sure to test any custom rules that you depend on before moving to production.

The codename for Horizon 31.0.6 is Coyotas.


  • DOC: Document Newts fetch step / heartbeat settings in (Issue NMS-10155)

  • Document the function hiding Meta-Data values with keynames containing "password" or "secret" (Issue NMS-12808)

  • Scriptd consumes CPU even when it does nothing (Issue NMS-13216)

  • dependabot: upgrade Apache POI to at least 4.1.1 (CVE-2019-12415) (Issue NMS-14589)

  • POW Arithmetic Operator Does not work with Backshift Graphing Engine (Issue NMS-14779)

  • Form Can Be Manipulated with Cross-Site Request Forgery (CSRF) (Issue NMS-14865)

  • Multiple CVEs for cxf 3.2.8 (Issue NMS-15065)

  • The management of alarms (escalation, and acknowledge) on the new MAP UI does not work for user without ROLE_REST. (Issue NMS-15080)

  • Concurrent requests to rrd summary endpoint fails (Issue NMS-15086)

  • Statistics Reports → Export Excel fails with exception (Issue NMS-15148)

  • No health check for the OpenNMS Core container (Issue NMS-15291)

  • Inconsistent expectations on TimeseriesStorageManager.get() with null return values (Issue NMS-15323)

  • Polling and metrics storage can hard fail if opennms-timeseries-api is reloaded (Issue NMS-15325)

  • Destroying container for blueprint bundle leads to downstream problems (Issue NMS-15326)

  • The various SNMP extenders to not work with ifIndex-indexed resources (Issue NMS-15342)

  • SNMP Interfaces Endpoint returns multiple values [duplicates] when there are multiple "IP Interfaces" pointing to same SNMP-IfIndex "ipAdEntIfIndex". (Issue NMS-15352)

  • Missing XML Validation in Apache Xerces2 (Issue NMS-15373)

  • Adding or editing a schedule outage doesn’t reload the configuration for Threshd (Issue NMS-15420)

  • M2022 Minions > 2022.1.8 Cannot use SCV credentials (Issue NMS-15450)

  • Event Datetime element parsing changed between M2018 and M2021 (Issue NMS-15471)

  • Minimum system requirements does not enumerate RHEL9 support (Issue NMS-15499)

  • Cortex plugin has no (Issue NMS-15521)

  • upgrade Xalan to 2.7.3 (CVE-2022-34169) (Issue NMS-15578)


  • Deploy Release Jars to Maven Central (Issue NMS-14727)

  • DOC: Create documentation for vacuumd (Issue NMS-15440)

  • Upgrade Drools to 8.34.0.Final (from 7.31.0.Final) (Issue NMS-15459)

  • Update docs to include RHEL9 and Rocky/Alma compatability (Issue NMS-15500)

  • re-enable license maven plugin as a separate job (Issue NMS-15572)


  • DOC: Update replacement tokens documentation (Issue NMS-15045)

  • Vulnerable c3p0 packaged in Meridian 2021 (Issue NMS-15072)

  • DOC: Restructure Alarm History documentation (Issue NMS-15287)

Release 31.0.5

Release 31.0.5 is a bugfix release that also incorporates several documentation improvements, upgrades a couple of library dependencies, improves how plugins are included in the container images, and adds one small enhancement to the web UI.

The codename for Horizon 31.0.5 is Macaron.


  • Upgrade ActiveMQ to 5.15 (Issue NMS-12089)

  • Add documentation for using Scheduled Outages (Issue NMS-12621)


  • Replace wiki links across all codebase (Issue NMS-13912)

  • dependabot: mockito 3.4.6 to 4.6.1 (Issue NMS-14586)

  • DOC: Timeseries Documentation (Issue NMS-14959)

  • DOC: Configuration Manager API for External Requisitions is not documented (Issue NMS-15019)

  • Update dual write docs to clarify configuration (Issue NMS-15425)

  • Add collection package information to web UI (Issue NMS-15429)

  • PersistRegexSelectorStrategy is not where the docs say it should be (Issue NMS-15461)


  • Minion on Ubuntu fails to start (Issue NMS-15160)

  • Upgrade HikariCP to 5.x (Issue NMS-15171)

  • Docs: The "Housekeeping Tasks" page should not tell the user to always run on upgrade (Issue NMS-15296)

  • Elevation on Feather nav bar header casts undesirable shadow (Issue NMS-15367)

  • Docs: Update path reference for PostgreSQL config files (Issue NMS-15381)

  • opennms-karaf-health is not last in featuresBoot — might miss status for a few features (Issue NMS-15407)

  • Add Jdbc graph definitions for default collection set (Issue NMS-15419)

  • Invalid syntax due to typo in provisiond snmp graph (Issue NMS-15434)


  • Number examples in service monitor chapters (Issue NMS-15215)

  • Document the breaking changes done as part of Limit script file locations for GpDetector and ScriptPolicy (Issue NMS-15288)

  • Move the logic for downloading plugins into the Dockerfile (Issue NMS-15401)

Release 31.0.4

Release 31.0.4 introduces one breaking change (see below). It also brings a handful of containerization improvements, fixes several security vulnerabilities, upgrades many potentially vulnerable dependency libraries, fixes one bug in the BSM daemon, and fixes many non-security bugs.

Breaking changes

  • The GpDetector and ScriptPolicy now require that their scripts be located beneath $OPENNMS_HOME and beneath $OPENNMS_HOME/etc/script-policies, respectively. If you are using either of these classes in your foreign-source definitions, please address this requirement before upgrading to this release.

Known issues

The following known issues impact Horizon 31.0.4; we expect all to be fixed in the next micro-version release:

  • Regular users are unable to acknowledge or clear alarms from the geographical map’s integrated alarm browser. Until we identify a fix, it is possible to work around this problem by adding ROLE_REST to a user’s set of assigned roles. See NMS-15080 for details. Thanks to Ricardo Monteiro for bringing this problem to our attention.

  • On systems where dual-write time series persisting is enabled, an intermittent startup problem may cause either a delay in data starting to be persisted, or a hard failure necessitating a restarting of the core. See NMS-15326 for details.

  • The ALEC plugin currently cannot be successfully installed on a Sentinel node. At release time, it is unclear whether the problem lies in Sentinel or in ALEC. Some details are captured in NMS-15396.

Shout-outs and errata


  • Add search term highlight functionality in documentation (Issue NMS-13540)

  • Geo Map node groups should split into individual markers (Issue NMS-15150)

  • Meridian container images are signed (Issue NMS-15341)

The codename for Horizon 31.0.4 is Otap.


  • remove image related defaults from Docker container makefile (Issue NMS-13583)

  • Add documentation for SELinux as a requirement to run OpenNMS (Issue NMS-14210)

  • No way to know the alarm type (as type 1, 2 or 3) from web UI (Issue NMS-14578)

  • Deploy Release Jars to Maven Central (Issue NMS-14727)

  • Make the cloud connect plugin available in container images (Issue NMS-15012)

  • Data collection and graph definitions for provisiond performance (Issue NMS-15018)

  • DOC: Configuration Manager API for External Requisitions is not documented (Issue NMS-15019)

  • Update docs with steps to activate Path Outage feature (Issue NMS-15218)

  • Container: output some details when we copy files into the container in (Issue NMS-15226)

  • Update VMware provisiond handler docs (Issue NMS-15270)

  • Make the ALEC plugin available in container images (Issue NMS-15349)

  • Make the Cortex TSS plugin available in container images (Issue NMS-15350)

  • Smoke test improvements and small tweaks to help developers (Issue NMS-15387)


  • Multiple stored and reflected XSS in webapp (Issue NMS-14854)

  • Authenticated Command Injection in GpDetector and ScriptPolicy (Issue NMS-14878)

  • Cacheable HTTPS Responses - Cache Control Directive Missing or Misconfigured (Issue NMS-14936)

  • reloading BSM daemon causes the state of serviceProblem alarm to be reset (Issue NMS-15124)

  • Notification number doesn’t show more than 2 digits (Issue NMS-15172)

  • Jetty context startup failures are not clearly communicated to the user (Issue NMS-15179)

  • CVE-2017-7504 for javassist 3.18.2-ga and 3.19.0-ga (Issue NMS-15191)

  • CVE-2017-7504 for jboss-logging 3.1.0.cr2 (Issue NMS-15192)

  • CVE-2014-2228 for org.restlet 1.1.10 (Issue NMS-15193)

  • CVE-2019-13990 for quartz 2.2.3 (Issue NMS-15194)

  • CVE-2022-45047 for sshd-sftp 2.5.1 (Issue NMS-15195)

  • CVE-2021-21342 and 7 others for xstream (Issue NMS-15196)

  • CVE-2014-9970 for jasypt 1.9.0 (Issue NMS-15197)

  • CVE-2021-33813 for jdom2 2.0.6 (Issue NMS-15198)

  • CVE-2022-40149 and CVE-2022-40150 for jettison 1.3.8 (Issue NMS-15199)

  • CVE-2016-5725 for jsch 0.1.51 (Issue NMS-15200)

  • CVE-2022-3171 for protobuf-java 3.16.1 (Issue NMS-15201)

  • CVE-2018-17187 for proton-j 0.14.0 (Issue NMS-15202)

  • CVE-2017-15288 and CVE-2020-7907 for scala-library 2.11.0 and 2.12.12 (Issue NMS-15203)

  • CVE-2020-13936 for velocity 1.7 (Issue NMS-15204)

  • CVE-2020-11988 for xmlgraphics-commons 1.4 (Issue NMS-15205)

  • rescanExisting does not trigger a nodeScan for newly added nodes when scan-interval is 0 in foreignSource definition (Issue NMS-15208)

  • Update docs TOC to include missing notification commands file (Issue NMS-15266)

  • CircleCI: integration-test job isn’t reporting test results (Issue NMS-15271)

  • NPE in karaf.log when parallel TSDB writes enabled (Issue NMS-15282)

  • Sanitize request parameters in outage/list.htm (Issue NMS-15294)

  • Plaintext Password Present in the Web logs (Issue NMS-15305)

  • Upgrade Apache Kafka Dependency Beyond 3.2.0 (Issue NMS-15317)

  • RingBufferTimeseriesWriter.destroy can take a long time or hang due to BlockingServiceLookup.lookup in WorkProcessors (Issue NMS-15324)

  • Dead transaction in flow thresholding on sentinel (Issue NMS-15340)

  • Regular requisition editor empty state incorrectly names external requisitions (Issue NMS-15347)

  • When we fail to startup, we don’t exit with a non-zero exit code so failures cannot be properly reflected in containers (Issue NMS-15386)

  • ALEC plugin dependency update (Issue NMS-15391)


  • CVE in Jolokia 1.3.3 dependency (Issue NMS-15068)

  • CVE-2021-37714 for jsoup (multiple versions) (Issue NMS-15069)

  • vulnerable Junit dependency (Issue NMS-15074)

  • RHEL9 installation documentation tab (Issue NMS-15079)

  • Document deviceconfig tftp maximumReceiveSize (Issue NMS-15121)

  • JAVA_KEYALIAS Variable needs to be updated (Issue NMS-15239)

  • JAVA_KEYSTORE Variable needs to be updated (Issue NMS-15240)

  • JAVA_STOREPASS Variable needs to be updated (Issue NMS-15241)

  • Document the breaking changes done as part of Limit script file locations for GpDetector and ScriptPolicy (Issue NMS-15288)

  • Release notes / wart: ALEC not installable on M2023.1.0 / H31.0.4 Sentinel (Issue NMS-15403)

  • Release notes / wart: dual-write TS delay on startup (Issue NMS-15404)

  • Release notes / wart: Geo map alarms and ROLE_REST (thank Ricardo Monteiro for the report) (Issue NMS-15406)


  • Publish container images to a container registry other than DockerHub (Issue NMS-15091)

Unexpected Behavior

  • Link on Netflow9 to main Netflow doc is broken (Issue NMS-15144)

Release 31.0.3

Release 31.0.3 is a minor release which fixes a number of UI and backend bugs, brings one small UI enhancement, patches two potential security vulnerabilities, and formalizes support for RHEL 9 and PostgreSQL 15.

The codename for Horizon 31.0.3 is Biscotti.


  • Geo Map: Add content to the map marker pop up (Issue NMS-13698)

  • Uncontrolled Resource Consumption in Jackson-databind (Issue NMS-15030)

  • Add flow version table to Flow Introduction (Issue NMS-15158)

  • Change OpenNMS Copyright from 2022 to 2023 (Issue NMS-15211)

  • Change OpenNMS Copyright from 2022 to 2023 in the documentation footer (Issue NMS-15212)


  • Include Minion version on "Manage Minions" page (Issue NMS-14493)

  • Update docs to include RHEL 9 install instructions (Issue NMS-15147)

  • Test and Document Support for PostgreSQL 15 (Issue NMS-15151)


  • RRD persistence with default configs in our Horizon OCI points to wrong (Issue NMS-14778)

  • Chrome/Edge Web Browser : Geographical Map Node Counters are wrong (Issue NMS-14792)

  • Form Resubmission From Cache (Issue NMS-14933)

  • Web UI menu item "Endpoints" not in best location (Issue NMS-15004)

  • Incorrect labels on OpenNMS-JMX collection resource types (Issue NMS-15044)

  • Snmp collect reversing to unticked after a few hours (Issue NMS-15117)

  • Log Out does not work from new nav-bar menu (Issue NMS-15119)

  • reloading BSM daemon causes the state of serviceProblem alarm to be reset (Issue NMS-15124)

  • Vue Menubar items obscured by Geo Map (Issue NMS-15149)

  • Flows adapters don’t start on Sentinel running as a container. (Issue NMS-15161)


  • Formalize support for RHEL 9 and its derivatives (Issue NMS-14897)


  • Fix smoke test for new UI (Issue NMS-14910)

  • Add JSON support (in additional to GBP) to the Kafka producer for flows (Issue NMS-15027)

  • publish opennms-plugin-cloud 1.0.6 (Issue NMS-15142)

Release 31.0.2

Release 31.0.2 is a minor release which fixes a great many bugs and security vulnerabilities, updates the versions of many library dependencies, and introduces some enhancements related to Minion Appliances. The official documentation has also received significant improvements.

The documentation for enabling JAAS encryption for Minion and Sentinel has changed. If you have enabled encryption previously and wish to enable stronger Jasypt-based encryption, you need to reset any existing user passwords.

The codename for Horizon 31.0.2 is Stroopwafel.


  • Failures when jaeger tracing is enabled on Core server and Minion (Issue NMS-14550)

  • Missing /run/opennms on Ubuntu (Issue NMS-14650)

  • javadoc not being generated in H31 (Issue NMS-14750)

  • OpenNMS opennms start fails on Ubuntu (Issue NMS-14838)

  • Regression: install script fails if an OpenNMS directory contains root-owned lost+found directory (Issue NMS-14919)

  • No /var/lib/opennms on 30.0.4 Docker image (Issue NMS-14976)

  • XML Entity Expansion Injection in geolocation API (Issue NMS-14988)

  • UI Preview: UI Plugins do not work if multiple are installed (Issue NMS-14996)

  • OIA Pollers non-functional (Issue NMS-15001)

  • Web UI menu item "Endpoints" not in best location (Issue NMS-15004)

  • Icon for admin menu items missing from some items (Issue NMS-15005)

  • Remove reference to remote pollers (Issue NMS-15017)

  • Lock contention in SnmpPeerFactory (Issue NMS-15042)

  • opennms rpm could get wrong jetty files (Issue NMS-15043)

  • Horizon Karaf container not healthy after installing opennms-timeseries-api with opennms-plugins-cortex-tss (Issue NMS-15078)

  • RHEL9/CentOS9/Rocky 9 need chkconfig package to enable service properly (Issue NMS-15093)

  • Default limit of 10 is not working for event queries (Issue NMS-15123)


  • Dependabot: leaflet from 1.7.1 to 1.8.0 (Issue NMS-14584)

  • Error compiling Cisco MIB (Issue NMS-14640)

  • Doc update: Enable salted hash passwords within Karaf for core/Minion/Sentinel (Issue NMS-14736)

  • Add "admin" disambiguation to Glossary (Issue NMS-14914)

  • simplify docker tags in H31+ (Issue NMS-14989)

  • Update Debian/Ubuntu Upgrade Instructions (Issue NMS-15087)

  • dependabot: Upgrade PostgreSQL dependency to 42.4.3 (or higher) (Issue NMS-15095)

  • Update style elements in Quick Start guide (Issue NMS-15106)

Unexpected Behavior

  • RPM packages fail to install when FIPS Enabled (Issue NMS-14628)


  • Upgrade AngularJS to latest 1.x (Issue NMS-14715)

  • Apache Log4j 1.x Multiple Vulnerabilities (PB-2022, Sep 2022) (Issue NMS-14818)

  • Modify foreign source in HeartbeatConsumer to ignore docker interfaces and detect SNMP agent (Issue NMS-14855)

  • OpenShift test coverage (Issue NMS-14882)

  • SNMP Community retrieval through SCV on Minion (Issue NMS-15008)

  • Add JSON support (in additional to GBP) to the Kafka producer for flows (Issue NMS-15027)

  • Backport deploy-base update from develop to release-31.x (upgrades JRE minor version, adds vim-tiny, less) (Issue NMS-15046)

  • Add KPI for Appliance count by model (Issue NMS-15051)


  • Quick Start: "Beyond Quick Start" chapter (Issue NMS-14735)

  • H31 Release testing (Issue NMS-14797)

  • Review enlinkd documentation (Issue NMS-14850)

  • Update Visualization topic in Quick Start guide (Issue NMS-15029)

  • Fix Antora version differences (Issue NMS-15088)

  • Update opennms-plugin-cloud to 1.0.4 (Issue NMS-15122)

Release 31.0.1

Release 31.0.1 is a small out-of-band release to address some issues found during 31.0.0 testing.

It contains a few small changes including a fix for unusually large docker images and some other small bug fixes, as well as some updates to the new Quick Start Guide and a fix to the installation instructions for the Cortex plugin.

Please note there is a known issue that only one plugin entry shows up in the navigation bar’s "Plugins" menu, even if multiple plugins are installed. Only ALEC users who install the cloud connector are impacted. ALEC users therefore should avoid the Cloud Services Connector plugin until a new release fixes the underlying bug.

The codename for Horizon 31.0.1 is Oreo.


  • OpenAPI Validation Errors (Issue NMS-14408)

  • Snmp Polling Status shows Polled even though it’s actually not (Issue NMS-14653)

  • Duplicated message when alarm is not found (Issue NMS-14686)

  • Errors while installing opennms-timeseries-api from karaf shell (Issue NMS-14874)

  • When you delete/put memo or journal it always returns 204 even if alarm not exists (Issue NMS-14901)

  • NoSuchElementException errors thrown by EnhancedLinkd (Issue NMS-14912)

  • Docs for Cortex plugin are incorrect (Issue NMS-14945)

  • Horizon/Sentinel docker image size ballooned (Issue NMS-15006)

  • HZN 31: Ubuntu installation issues (Issue NMS-15007)


  • Quick Start: Review entire quick start section when complete. (Issue NMS-14721)

  • New UI Preview: Ensure ALEC UI works (Issue NMS-14891)


  • Update Quick Start login chapter (Issue NMS-14984)

  • Update notifications.adoc in Quick Start section (Issue NMS-14985)

  • Update Quick Start notifications configuration chapter (Issue NMS-14999)

Release 31.0.0

Release 31.0.0 is a new major release. It contains several new features, including the Cloud Services Connector with Time Series DB support and a new quick-start guide. Notable enhancements include integration of the Horizon 30 "UI Preview" items into the main UI and performance improvements to network topology discovery. It also includes an important bug fix correcting a regression that rendered Horizon 30 unable to run in OpenShift environments, besides many other important bug and security fixes.

The codename for Horizon 31.0.0 is Doppelkeks.


  • Remove the need for minion to connect via HTTP (REST) and use Object replication to accomplish this. (Issue NMS-13379)

  • Geo Map rewrite using Vue 3 and JS (Issue NMS-13387)

  • Add OpenAPI docs for existing Rest API (Issue NMS-13491)

  • DCB - Implement the ability in OpenNMS to connect and retrieve configuration from devices (Issue NMS-13763)

  • DCB - Implement the ability to store the device configuration in a repository and related activities (Issue NMS-13764)

  • DCB - Implement the ability to select devices for backup and trigger backup (Issue NMS-13766)

  • DCB - Implement the scheduling of config backup (Issue NMS-13767)

  • DCB - UI implementation for the device config backup (Issue NMS-13966)

  • Cloud Connect: Ship H31 with cloud plugin already installed (Issue NMS-14471)

  • Create "Quick Start" guide for operations section of docs (Issue NMS-14611)

  • Fold the H30 "UI Preview" bits into the main UI (Issue NMS-14730)

  • Horizon core work needed to make Appliances first-class entities (Issue NMS-14783)

  • H31 OpenShift compatibility (Issue NMS-14881)

  • H31 Topology Discovery Improvements (Issue NMS-14883)

  • H31 OpenAPI Improvements (Issue NMS-14893)


  • BSMAdminIT flapping (Issue NMS-9334)

  • non-root broke openshift (Issue NMS-13572)

  • Package description for Minion and Sentinel reference Wiki (Issue NMS-13864)

  • Database reports need to be rebranded (Issue NMS-14058)

  • External Requisition UI: Obfuscate vmware password in URL (Issue NMS-14320)

  • features/topology: right panel menu is not reactive to sublayer context menu (Issue NMS-14342)

  • features/topology: tooltip - PowerGrid (D3/Circle layout) (Issue NMS-14343)

  • BmpIT flapping (Issue NMS-14360)

  • Fix Smoke Test for GraphMLTopologyIT (Issue NMS-14374)

  • features/topology: contextmenu - PowerGrid (D3/Circle layout) (Issue NMS-14377)

  • Rename integration tests that are currently running as unit tests (Issue NMS-14462)

  • Provisioning - Config SMNP Community does not support for more than 10 locations (Issue NMS-14548)

  • Unexpected interfaceDown event/alarm during a scheduled outage (Issue NMS-14695)

  • Investigate the failure in integration-test job (Issue NMS-14697)

  • Admin can’t assign user to 'On-Call Role Schedule' (Issue NMS-14739)

  • Error using javax.mail.* packages in plugins (Issue NMS-14747)

  • opennms:metadata-test command is not present in Karaf shell (Issue NMS-14754)

  • Update QS based on ONMSU feedback (Issue NMS-14756)

  • Debian/Ubuntu gpg deprecation warning (Issue NMS-14760)

  • Grafana Dashboard report fails on "row" (Issue NMS-14784)

  • Topology-Map Layer broken (Issue NMS-14791)

  • Invalid redirect when behind a reverse proxy (Issue NMS-14805)

  • External Requisition UI - Blank pull down menus on Add (Issue NMS-14824)

  • Geocoder webui toggle switch shows "Ye" instead of "Yes" (Issue NMS-14841)

  • Scheduled scan fails to inform nodeScanAborted events (Issue NMS-14853)

  • Alarms and Events: filter and advanced search / method POST is not supported (Issue NMS-14918)

  • Docs for Cortex plugin are incorrect (Issue NMS-14945)

  • Wrong example of snmp-graph config for SNMP Trap Performance Data article (Issue NMS-14961)


  • Flow Thresholds: Split processing and persistence (Issue NMS-13770)

  • Remove Vaadin-based Geographical Map (Issue NMS-13856)

  • Create a profile that skips building licenses (Issue NMS-14068)

  • Upgrade JUnit from version 4 to 5 (Issue NMS-14302)

  • Remove XMP protocol support (Issue NMS-14427)

  • Add KPI for DCB cumulative config count (Issue NMS-14580)

  • Add KPI for DCB cumulative backup failure count (Issue NMS-14581)

  • Add KPI for DCB cumulative web UI entries (Issue NMS-14582)

  • Populate Velocloud Partner Requisition with Gateway Nodes (Issue NMS-14593)

  • Implement OIA poller configuration extension (Issue NMS-14610)

  • Quick Start: Overview (Issue NMS-14612)

  • Quick Start: Login and create a user (Issue NMS-14613)

  • Quick Start: Turn on default notifications (Issue NMS-14614)

  • Quick Start: Import inventory (Issue NMS-14615)

  • Quick Start: Collect performance data (Issue NMS-14616)

  • Quick Start: Set up a threshold (Issue NMS-14617)

  • Quick Start: Establish a baseline (Issue NMS-14618)

  • Quick Start: Determine service availability (Issue NMS-14619)

  • Quick Start: Configure notifications (Issue NMS-14620)

  • Quick Start: Visualize data (Issue NMS-14621)

  • Add KPI for startup time (Issue NMS-14622)

  • Publish images to Docker Hub (Issue NMS-14626)

  • Implement connection manager (Issue NMS-14772)

  • Enhance Vue UI Preview Menubar to look like OG menubar (initial version) (Issue NMS-14800)

  • Initial Rest API endpoint and data model for Vue menubar dynamic creation (Issue NMS-14801)

  • Wire up new Vue menubar with Rest API for dynamic menu creation (Issue NMS-14802)

  • Remove NavRail from Vue UI Preview application (Issue NMS-14803)

  • New UI Preview: Ensure OPA UI plugins work (Issue NMS-14804)

  • Provide UUID for system id (Issue NMS-14839)

  • Modify foreign source in HeartbeatConsumer to ignore docker interfaces and detect SNMP agent (Issue NMS-14855)

  • Cloud plugin packages part of default install (Issue NMS-14892)

  • Packaging for cloud plugin (Issue NMS-14894)

  • Feather UIs get breadcrumbs mimicking OG UI (Issue NMS-14900)

  • Double-shift to focus Feather nav-bar Search box (Issue NMS-14902)

  • Nav-bar Search returns Plugin entries (Issue NMS-14903)

  • OG and Feather nav-bars use same chromatic black (Issue NMS-14904)

  • OG and Feather nav-bar styling match as closely as possible (Issue NMS-14905)

  • Decorate admin-only items in nav-bar menu (Issue NMS-14906)

  • Horizon packages provide versioned OPA dependency package (Issue NMS-14920)

  • Support interface, service and time property for events in OpenNMS-part of OIA (Issue NMS-14926)

  • Define event definitions (Issue NMS-14928)

  • Create scheduled EventIngestor for Velocloud events (Issue NMS-14929)

  • Replace 'exit' with 'quit' in Juniper DCB scripts (Issue NMS-14939)

  • SNMP systemDef added for appliance products (Issue NMS-14956)


  • Update Heatmap chapter (Issue NMS-13674)

  • Provide guidance with debugging the flow sequence (Issue NMS-14122)

  • Reference: add alt text for images and tables (Issue NMS-14631)

  • Add KPI counters for DCB successful and failed backup (Issue NMS-14641)

  • Quick Start: move content into Deep Dive section (Issue NMS-14652)

  • OpenNMS system needs a unique identifier for TSaaS Communication (Issue NMS-14684)

  • UI update for DCB KPI (Issue NMS-14687)

  • REST API update for DCB KPI (Issue NMS-14688)

  • Quick Start: Review entire quick start section when complete. (Issue NMS-14721)

  • Quick start: review related deep dive chapters (Issue NMS-14722)

  • Quick Start: "Beyond Quick Start" chapter (Issue NMS-14735)

  • Sonarcloud coverage for foundation-2022 (Issue NMS-14759)

  • Refactor Enlinkd Test NetworkBuilder Class (Issue NMS-14762)

  • H31 Release testing (Issue NMS-14797)

  • Update documentation to reflect removal of UI Preview (Issue NMS-14825)

  • Documentation for Cloud Services Connector and Time Series DB (Issue NMS-14844)

  • Changes to package-lock.json causes eslint to be not found (Issue NMS-14943)

  • Assign sysObjectID for Appliance Mini (Issue NMS-14955)

  • Release notes blurb about OpenShift (Issue NMS-14960)

  • Release notes: Only one plug-in shows in UI (Issue NMS-14982)


  • HostResourceSwRunMonitor uncovered parameter for min-services and max-services (Issue NMS-11825)

  • Set always ifindex for enlinkd links (Issue NMS-13943)

  • Allow test mode flags in restart command (Issue NMS-13991)

  • Aruba AOS-CX datacollection config (Issue NMS-14056)

  • Global search box: gap between input field and dropdown result list (Issue NMS-14315)

  • features/topology: update branch with develop (Issue NMS-14332)

  • Create Topology Providers for Combined Protocols (Issue NMS-14392)

  • EnhancedLinkd Collection priority Scheduling (Issue NMS-14397)

  • Enlinkd tests clean compile warnings (Issue NMS-14432)

  • Enlinkd Clean Config Classes (Issue NMS-14433)

  • Enlinkd Clean Persistence Classes (Issue NMS-14434)

  • Enlinkd Clean Service Classes (Issue NMS-14435)

  • Enlinkd Clean Adapters Classes (Issue NMS-14436)

  • Simplify BridgeSimpleConnection Class (Issue NMS-14479)

  • Move BridgeDiscovery to new project Enlinkd Adapters Discovers Bridge (Issue NMS-14540)

  • Bridge Topology Discovery, Move BridgeTopologyException (Issue NMS-14541)

  • standardize docker containers to use tarballs (Issue NMS-14573)

  • Spelling correction in DEBUG discovery.log entries (Issue NMS-14757)

  • Add Priority Executor Classes (Issue NMS-14763)

  • Set Up Enlinkd schedule time interval based on protocols (Issue NMS-14764)

  • Move Common Adapter Enlinkd classes to Core (Issue NMS-14771)

  • Provide SubNetwork Classes for Enhanced Linkd (Issue NMS-14773)

  • Add network/netmask tools to InetAddressUtils (Issue NMS-14774)

  • Delete disabled protocol persisted data (Issue NMS-14798)

  • Dynamic Yaml Generation, code and output clean up (Issue NMS-14810)

  • Add support for rows in Grafana Dashboard Report (Issue NMS-14885)

  • Move Enlinkd daemon docs to Reference section (Issue NMS-14913)


  • features/topology: upgrade dependencies (Issue NMS-14341)

Unexpected Behavior

  • Missing datacollection file does not bring valueable error message (Issue NMS-12991)


  • Can the OG nav-bar coexist with a Feather / Vue app? (Issue NMS-14731)