Security Threat Tool
The Security Threat Tool runs regular checks against connected databases, alerting you if any servers pose a potential security threat.
All checks run on the PMM Client side. Results are sent to PMM Server where a summary count is shown on the Home Dashboard, with details in the PMM Database Checks dashboard.
Checks are automatically downloaded from Percona Enterprise Platform and run every 24 hours. (This period is not configurable.)
Check results data always remains on the PMM Server. It is not related to anonymous data sent for Telemetry purposes.
The Failed security checks panel on the Home Dashboard shows the number of failed checks classed as critical (red), major (amber), and trivial (blue).
Details are in the PMM Database Checks dashboard (select PMM→PMM Database Checks).
The Security Threat Tool is disabled by default. Enable it in PMM Settings→Advanced Settings.
After activating the Security Threat Tool, you must wait 24 hours for data to appear in the dashboard.
||MongoDB authentication is disabled|
||MongoDB/PSMDB version is not the latest|
||There are accounts with no username|
||There are users without passwords|
||MySQL/PS/MariaDB version is not the latest|
||PostgreSQL has users (besides
||PostgreSQL version is not the latest|
- Page updated 2020-12-31