Security Threat Tool¶
The Security Threat Tool runs regular checks against connected databases, alerting you if any servers pose a potential security threat.
All checks run on the PMM Client side. Results are sent to PMM Server where a summary count is shown on the Home Dashboard, with details in the PMM Database Checks dashboard.
Checks are automatically downloaded from Percona Platform and run every 24 hours. (This period is not configurable.)
Check results data always remains on the PMM Server. It is not related to anonymous data sent for Telemetry purposes.
The Failed security checks panel on the Home Dashboard shows the number of failed checks classed as critical (red), major (amber), and trivial (blue).
Critical / Major / Trivial
Details are in the PMM Database Checks dashboard (select PMM→PMM Database Checks).
How to enable¶
The Security Threat Tool (STT) is disabled by default. Enable it in PMM Settings→Advanced Settings.
Enabling STT in the settings also causes the PMM server to download STT checks from Percona Platform and run them once. This operation runs in the background so even though the settings update finishes instantly it might take some time for the checks to complete download and execution and the results (if any) to be visible in the PMM Database Checks dashboard.
List of checks made¶
||MongoDB authentication is disabled|
||MongoDB/PSMDB version is not the latest|
||There are accounts with no username|
||There are users without passwords|
||MySQL/PS/MariaDB version is not the latest|
||PostgreSQL has users (besides
||PostgreSQL version is not the latest|
- Page updated 2021-04-05