Security Threat Tool¶
The Security Threat Toll runs regular checks against connected databases, alerting you if any servers pose a potential security threat.
The checks are automatically downloaded from Percona Platform and run every 24 hours. (This period is not configurable.)
They run on the PMM Client side with the results passed to PMM Server for display in the Failed security checks summary dashboard and the PMM Database Checks details dashboard.
Check results data always remains on the PMM Server, and is not to be confused with anonymous data sent for Telemetry purposes.
Where to see the results of checks¶
On your PMM home page, the Failed security checks dashboard shows a count of the number of failed checks.
More details can be seen by opening the Failed Checks dashboard using .
After activating the Security Threat Tool, you must wait 24 hours for data to appear in the dashboard.
How to enable the Security Threat Tool¶
The Security Threat Tool is disabled by default. It can be enabled in PMM Settings Page).(see
Checks made by the Security Threat Tool¶
||This check returns a warning if MongoDB authentication is disabled.|
||Warn if MongoDB/PSMDB version is not the latest.|
||Warn if there are users without passwords.|
||Warn if MySQL/PS/MariaDB version is not the latest.|
||Warn if PostgreSQL version is not the latest.|