Security Threat Tool

The Security Threat Tool runs regular checks against connected databases, alerting you if any servers pose a potential security threat.



All checks run on the PMM Client side. Results are sent to PMM Server where a summary count is shown on the Home Dashboard, with details in the PMM Database Checks dashboard.

Checks are automatically downloaded from Percona Enterprise Platform and run every 24 hours. (This period is not configurable.)

Check results data always remains on the PMM Server. It is not related to anonymous data sent for Telemetry purposes.

The Failed security checks panel on the Home Dashboard shows the number of failed checks classed as critical (red), major (amber), and trivial (blue).

Failed security checks panel

Key

Critical / Major / Trivial

Details are in the PMM Database Checks dashboard (select PMM→PMM Database Checks).

PMM Database Checks dashboard

How to enable

The Security Threat Tool is disabled by default. Enable it in PMM Settings→Advanced Settings.

After activating the Security Threat Tool, you must wait 24 hours for data to appear in the dashboard.

List of checks made

Check ID Description
mongodb_auth MongoDB authentication is disabled
mongodb_version MongoDB/PSMDB version is not the latest
mysql_anonymous_users There are accounts with no username
mysql_empty_password There are users without passwords
mysql_version MySQL/PS/MariaDB version is not the latest
postgresql_super_role PostgreSQL has users (besides postgres, rdsadmin, and pmm_user) with the role ‘SUPER’
postgresql_version PostgreSQL version is not the latest
  • Page updated 2020-12-31

Contents

Previous topic

About Percona Enterprise Platform

Next topic

How to: Overview

Contact Us

For free technical help, visit the Percona Community Forum.
To report bugs or submit feature requests, open a JIRA ticket.
For paid support and managed or professional services, contact Percona Sales.