diff --git a/product_docs/docs/lasso/4/appendix-a.mdx b/product_docs/docs/lasso/4/appendix-a.mdx index 08beb103d0b..6ce0493b080 100644 --- a/product_docs/docs/lasso/4/appendix-a.mdx +++ b/product_docs/docs/lasso/4/appendix-a.mdx @@ -5,7 +5,7 @@ title: Servers accepting upload of reports !!! Note This information applies only to Lasso executables with external network access. You can verify that your Lasso -can access the internet using the `--version` option. Look for +can access the Internet using the `--version` option. Look for the line `External network access enabled`. !!! diff --git a/product_docs/docs/lasso/4/configuration.mdx b/product_docs/docs/lasso/4/configuration.mdx index 33ed6c5dff1..0e5ec70d3a3 100644 --- a/product_docs/docs/lasso/4/configuration.mdx +++ b/product_docs/docs/lasso/4/configuration.mdx @@ -4,8 +4,8 @@ title: Configuration Besides being mandatory for the customer `id` and `token`, the Lasso configuration file also allows you to omit most of the command line -options that your environment might require (you can see a list of all -the command line options in [Usage](usage)). +options that your environment might require. (You can see a list of all +the command-line options in [Usage](usage).) Lasso looks for configuration files in the following paths, in this order, and uses the first match: @@ -93,5 +93,5 @@ environment. On Linux, you can find that same template configuration file at `/etc/edb-lasso.conf.templ`. -You can see more details about how each of these arguments are used in the -[Lasso report types page](report-types). +You can see more details about how each of these arguments is used in +[Report types](report-types). diff --git a/product_docs/docs/lasso/4/describe.mdx b/product_docs/docs/lasso/4/describe.mdx index 15b773092c6..4dac95001d9 100644 --- a/product_docs/docs/lasso/4/describe.mdx +++ b/product_docs/docs/lasso/4/describe.mdx @@ -4,2266 +4,2121 @@ navTitle: Gathered data details deepToC: true --- -## GNU/Linux Operating System +## GNU/Linux operating system ### barman crontab/cron (`barman_crontab_cron`) -Output from crontab -l, if running as barman. Content of -/etc/cron.d/barman, if exists. +Output from `crontab -l`, if running as barman. Content of +`/etc/cron.d/barman`, if it exists. -Report output: +**Report output:** - * file `/linux/barman_cron.data`: Content of /etc/cron.d/barman, if exists - * file `/linux/barman_crontab.data`: Output from barman crontab -l, if barman user + * File `/linux/barman_cron.data`: Content of `/etc/cron.d/barman`, if it exists + * File `/linux/barman_crontab.data`: Output from `barman crontab -l`, if barman user -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -May have entries in crontab/cron with sensitive data +**Security impact:** Low — +Might have entries in `crontab/cron` with sensitive data. ### debug_sources (`debug_sources`) -Count files under `/usr/src/debug` to detect which applications' +Count files under `/usr/src/debug` to detect the applications whose source code is present in the system and facilitate live debugging. -Report output: - - * file `/linux/debug_sources.data`: Sources for GNU debugger +**Report output:** -**Depth:** surface + * File `/linux/debug_sources.data`: Sources for GNU debugger +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### EFM CLI (`efm_cli`) -Get output of efm cluster-status command. +Get output of `efm cluster-status` command. -Report output: +**Report output:** - * file `/tools/efm/cli/cluster_status.out`: Output of `efm cluster-status cluster_name` command + * File `/tools/efm/cli/cluster_status.out`: Output of `efm cluster-status cluster_name` command -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### EFM configuration (`efm_configuration`) -EFM properties and nodes configuration files +EFM properties and nodes configuration files. -Report output: +**Report output:** - * file `/tools/efm/config/efm.nodes`: EFM nodes file - * file `/tools/efm/config/efm.properties`: EFM properties file + * File `/tools/efm/config/efm.nodes`: EFM nodes file + * File `/tools/efm/config/efm.properties`: EFM properties file -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### EFM systemctl (`efm_systemctl`) When EFM services are detected, collects status and cat of the -corresponding services. Will check for any service which name starts -with `edb-efm-` +corresponding services. Checks for any service whose name starts +with `edb-efm-`. -Report output: +**Report output:** - * file `/tools/efm/systemd/service_name_cat.data`: Output of 'systemctl cat service_name - * file `/tools/efm/systemd/service_name_status.data`: Output of 'systemctl status service_name + * File `/tools/efm/systemd/service_name_cat.data`: Output of `systemctl cat service_name` + * File `/tools/efm/systemd/service_name_status.data`: Output of `systemctl status service_name` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### etcd CLI (`etcd_cli`) Gathers the output of some `etcdctl` commands, if `etcdctl` is -available in the server. The commands are: endpoint status and -endpoint health. +available in the server. The commands are `endpoint status` and +`endpoint health`. -Report output: +**Report output:** - * file `/tools/etcd/cli/endpoint_status.out`: Output of `etcdctl endpoint status` command - * file `/tools/etcd/cli/endpoint_health.out`: Output of `etcdctl endpoint health` command + * File `/tools/etcd/cli/endpoint_status.out`: Output of `etcdctl endpoint status` command + * File `/tools/etcd/cli/endpoint_health.out`: Output of `etcdctl endpoint health` command -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### etcd configuration (`etcd_configuration`) -Collects etcd configuration file that is found in the server - -Report output: +Collects `etcd` configuration file that's found in the server. - * file `/tools/etcd/config/basename`: etcd configuration file +**Report output:** -**Depth:** surface + * File `/tools/etcd/config/basename`: `etcd` configuration file +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### etcd systemctl (`etcd_systemctl`) When etcd services are detected, collects status and cat of the -corresponding services. Will check for any service which name starts -with `etcd` +corresponding services. Checks for any service whose name starts +with `etcd`. -Report output: +**Report output:** - * file `/tools/etcd/systemd/service_name_cat.data`: Output of 'systemctl cat service_name - * file `/tools/etcd/systemd/service_name_status.data`: Output of 'systemctl status service_name + * File `/tools/etcd/systemd/service_name_cat.data`: Output of 'systemctl cat service_name + * File `/tools/etcd/systemd/service_name_status.data`: Output of 'systemctl status service_name -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** low — +No known security impact. ### HARP CLI (`harp_cli`) Gathers output of a few `harpctl` command outputs using the -`config.yml` file which is found in the server. The commands are: -cluster, proxies, locations, nodes, and version. +`config.yml` file, which is found in the server. The commands are: +`cluster`, `proxies`, `locations`, `nodes`, and `version`. -Report output: +**Report output:** - * file `/tools/harp/cli/version.out`: Output of `harp -f conf_file_path version` command - * file `/tools/harp/cli/proxies.out`: Output of `harp -f conf_file_path get proxies -o yaml` command - * file `/tools/harp/cli/nodes.out`: Output of `harp -f conf_file_path get nodes -o yaml` command - * file `/tools/harp/cli/locations.out`: Output of `harp -f conf_file_path get locations -o yaml` command - * file `/tools/harp/cli/cluster.out`: Output of `harp -f conf_file_path get cluster -o yaml` command + * File `/tools/harp/cli/version.out`: Output of `harpctl -f conf_file_path version` command + * File `/tools/harp/cli/proxies.out`: Output of `harpctl -f conf_file_path get proxies -o yaml` command + * File `/tools/harp/cli/nodes.out`: Output of `harpctl -f conf_file_path get nodes -o yaml` command + * File `/tools/harp/cli/locations.out`: Output of `harpctl -f conf_file_path get locations -o yaml` command + * File `/tools/harp/cli/cluster.out`: Output of `harpctl -f conf_file_path get cluster -o yaml` command -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### HARP configuration (`harp_configuration`) -Collects HARP configuration file that is found in the server +Collects HARP configuration file that's found in the server. -Report output: +**Report output:** - * file `/tools/harp/config/harp.cluster.init.yml`: HARP bootstrap configuration file - * file `/tools/harp/config/basename`: HARP configuration file + * File `/tools/harp/config/harp.cluster.init.yml`: HARP bootstrap configuration file + * File `/tools/harp/config/basename`: HARP configuration file -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### HARP systemctl (`harp_systemctl`) When HARP services are detected, collects status and cat of the -corresponding services. Will check for any service which name starts -with `harp` +corresponding services. Checks for any service whose name starts +with `harp`. -Report output: +**Report output:** - * file `/tools/harp/systemd/service_name_cat.data`: Output of 'systemctl cat service_name - * file `/tools/harp/systemd/service_name_status.data`: Output of 'systemctl status service_name + * File `/tools/harp/systemd/service_name_cat.data`: Output of `systemctl cat service_name` + * File `/tools/harp/systemd/service_name_status.data`: Output of `systemctl status service_name` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Block devices layout (`linux_block_devices_layout`) -Information on block devices layout from the `lsblk` command +Information on block devices layout from the `lsblk` command. -Report output: +**Report output:** - * file `/linux/lsbk.data`: `lsbk` command output + * File `/linux/lsbk.data`: `lsbk` command output -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Processor governor (`linux_cpu_governor`) -Processor scaling governor from the files in `/sys/devices/system/cpu` - -Report output: +Processor scaling governor from the files in `/sys/devices/system/cpu`. - * file `/linux/sys/energy_perf_bias.data`: Intel Performance and Energy Bias attributes - * file `/linux/sys/intel_pstate.data`: Intel pstate configuration - * file `/linux/sys/cpu_scaling_driver.data`: available CPU scaling driver - * file `/linux/sys/cpu_scaling_available_governors.data`: available CPU scaling governors - * file `/linux/sys/cpu_scaling_governor.data`: active CPU scaling governor +**Report output:** -**Depth:** surface + * File `/linux/sys/energy_perf_bias.data`: Intel Performance and Energy Bias attributes + * File `/linux/sys/intel_pstate.data`: Intel pstate configuration + * File `/linux/sys/cpu_scaling_driver.data`: Available CPU scaling driver + * File `/linux/sys/cpu_scaling_available_governors.data`: Available CPU scaling governors + * File `/linux/sys/cpu_scaling_governor.data`: Active CPU scaling governor +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Mounted file systems and available space (`linux_devices_info`) -List mounted filesystems through the `mount` command and free space +List-mounted file systems through the `mount` command and free space using `df`. -Report output: - - * file `/linux/diskspace.data`: amount of available disk space - * file `/linux/mount.data`: Output of the `mount` command +**Report output:** -**Depth:** surface + * File `/linux/diskspace.data`: Amount of available disk space + * File `/linux/mount.data`: Output of the `mount` command +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### File systems configuration (`linux_disk_configuration`) -Disk configuration obtained through the `/etc/fstab` file +Disk configuration obtained through the `/etc/fstab` file. -Report output: +**Report output:** - * file `/linux/fstab.data`: contents of /etc/fstab + * File `/linux/fstab.data`: Contents of /etc/fstab -**Depth:** surface +**Depth:** Surface +**Security impact:** Low — +No known security impact. -**Security Impact:** *low* — -no known security impact. - -### OS distribution, kernel and device data (`linux_distro_collector`) +### OS distribution, kernel, and device data (`linux_distro_collector`) -Information about the Linux distribution currently in use, as returned +Information about the Linux distribution currently in use returned by the `lsb_release` command. -Report output: +**Report output:** - * file `/linux/release.data`: The Linux distribution currently in use - * file `/linux/release_source.data`: The name of the collected file or the executed command + * File `/linux/release.data`: Linux distribution currently in use + * File `/linux/release_source.data`: Name of the collected file or the executed command -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Hardware (`linux_hardware_info`) -Hardware info through `lspci` +Hardware info through `lspci`. -Report output: +**Report output:** - * file `/linux/lspci.data`: Hardware info from `lspci` + * File `/linux/lspci.data`: Hardware info from `lspci` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Hypervisor (`linux_hypervisor_collector`) Information about the type of virtualization used, as returned by the `systemd-detect-virt` command. -Report output: +**Report output:** - * file `/linux/hypervisor.data`: The name of the collected file or the executed command + * File `/linux/hypervisor.data`: Name of the collected file or the executed command -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Kernel (`linux_kernel_info`) -Kernel info, transparent huge pages status and disk scheduler -configuration obtained by combining the output of the commands `uname` -and `ipcs` with the contents of the `/proc` and `/sys` filesystems - -Report output: +Kernel info, transparent huge pages status, and disk scheduler +configuration. Obtained by combining the output of the commands `uname` +and `ipcs` with the contents of the `/proc` and `/sys` file systems. - * file `/linux/read_ahead.data`: Info on the read ahead - * file `/linux/schedulers.data`: Scheduler info from `/sys` dir - * file `/linux/sys/kernel_mm_transparent_hugepage.data`: Transparent huge pages info - * file `/linux/ipcs.data`: `ipcs` command output - * file `/linux/uname.data`: `uname` command output +**Report output:** -**Depth:** surface + * File `/linux/read_ahead.data`: Info on the read ahead + * File `/linux/schedulers.data`: Scheduler info from `/sys` dir + * File `/linux/sys/kernel_mm_transparent_hugepage.data`: Transparent huge pages info + * File `/linux/ipcs.data`: `ipcs` command output + * File `/linux/uname.data`: `uname` command output +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Kernel limits (`linux_kernel_limits`) -Configuration file for the `pam_limits` module +Configuration file for the `pam_limits` module. -Report output: +**Report output:** - * file `/linux/limits.data`: content of the `limits.conf` file + * File `/linux/limits.data`: Content of the `limits.conf` file -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Processor usage statistics (`linux_mpstat`) Processor statistics from the `mpstat` command. -Report output: - - * file `/linux/mpstat.data`: Output from 'mpstat -P ALL 1 10' +**Report output:** -**Depth:** surface + * File `/linux/mpstat.data`: Output from `mpstat -P ALL 1 10` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Network interfaces (`linux_network_interfaces`) Network interface information from the `ip` and `ifconfig` commands. -Report output: +**Report output:** - * file `/linux/ifconfig.data`: Output from 'ifconfig' - * file `/linux/ip_address_list.data`: Output from 'ip address list' + * File `/linux/ifconfig.data`: Output from `ifconfig` + * File `/linux/ip_address_list.data`: Output from `ip address list` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Installed packages via rpm or dpkg (`linux_packages_info`) -Information about the system packages installed using `rpm` or `dpkg` +Information about the system packages installed using `rpm` or `dpkg`. -Report output: +**Report output:** - * file `/linux/packages-dpkg.data`: List of packages installed using `dpkg` - * file `/linux/packages-rpm.data`: List of packages installed using `rpm` + * File `/linux/packages-dpkg.data`: List of packages installed using `dpkg` + * File `/linux/packages-rpm.data`: List of packages installed using `rpm` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PostgreSQL disk layout (`linux_postgresql_disk_layout`) List all files in the PostgreSQL data directory using `find` for -links and `ls` for files +links and `ls` for files. -Report output: +**Report output:** - * file `/linux/pg_ls.data`: List of files inside the data directory - * file `/linux/pg_links.data`: List of links inside the data directory + * File `/linux/pg_ls.data`: List of files inside the data directory + * File `/linux/pg_links.data`: List of links inside the data directory -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### SELinux (`linux_sestatus`) -SELinux status from `sestatus` +SELinux status from `sestatus`. -Report output: +**Report output:** - * file `/linux/sestatus.data`: Output from 'setstatus' + * File `/linux/sestatus.data`: Output from `sestatus` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### System identification (`linux_system_identity`) Collect hostname, network interfaces, system info (uname), system -identifier and release info. - -Report output: +identifier, and release info. - * file `/linux/id/system_release.data`: OS information from /etc/system-release - * file `/linux/id/os_release.data`: OS information from /etc/os-release - * file `/linux/id/machine_id.data`: Machine ID contained in /etc/machine-id - * file `/linux/id/uname.data`: Information about the running kernel - * file `/linux/id/hostname.data`: Fully qualified domain name - * file `/linux/id/interfaces.data`: Network addresses of the host +**Report output:** -**Depth:** surface + * File `/linux/id/system_release.data`: OS information from `/etc/system-release` + * File `/linux/id/os_release.data`: OS information from `/etc/os-release` + * File `/linux/id/machine_id.data`: Machine ID contained in `/etc/machine-id` + * File `/linux/id/uname.data`: Information about the running kernel + * File `/linux/id/hostname.data`: Fully qualified domain name + * File `/linux/id/interfaces.data`: Network addresses of the host +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### dmesg and /proc information (`linux_system_info`) System info from the contents of the `/proc` filesystem and through the output of `dmesg` command. -Report output: +**Report output:** - * file `/linux/lsmod.data`: Lsmod output - * file `/linux/dmesg_with_timestamp.data`: Dmesg output (human readable timestamps) - * file `/linux/dmesg.data`: Dmesg output - * file `/linux/proc/sys_net_ipv4.data`: Network info from `/proc` - * file `/linux/proc/sys_vm.data`: vm info from `/proc` - * file `/linux/proc/sys_kernel.data`: Kernel info from `/proc` - * file `/linux/vmstat.data`: VM statistics from `/proc` - * file `/linux/proc/mounts.data`: Mount points from `/proc` - * file `/linux/proc/uptime.data`: Uptime info from `/proc` - * file `/linux/proc/loadavg.data`: Load avg from `/proc` - * file `/linux/proc/meminfo.data`: Memory info from `/proc` + * File `/linux/lsmod.data`: `Lsmod` output + * File `/linux/dmesg_with_timestamp.data`: `Dmesg` output (human-readable timestamps) + * File `/linux/dmesg.data`: `Dmesg` output + * File `/linux/proc/sys_net_ipv4.data`: Network info from `/proc` + * File `/linux/proc/sys_vm.data`: VM info from `/proc` + * File `/linux/proc/sys_kernel.data`: Kernel info from `/proc` + * File `/linux/vmstat.data`: VM statistics from `/proc` + * File `/linux/proc/mounts.data`: Mount points from `/proc` + * File `/linux/proc/uptime.data`: Uptime info from `/proc` + * File `/linux/proc/loadavg.data`: Load avg from `/proc` + * File `/linux/proc/meminfo.data`: Memory info from `/proc` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### System status — iostat (`linux_system_status_iostat`) System status from the `iostat` command. -Report output: +**Report output:** - * file `/linux/iostat.data`: Info on I/O statistics + * File `/linux/iostat.data`: Info on I/O statistics -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### System status — nfsiostat (`linux_system_status_nfsiostat`) System status from the `nfsiostat` command. -Report output: +**Report output:** - * file `/linux/nfsiostat.data`: nfs I/O statistics + * File `/linux/nfsiostat.data`: nfs I/O statistics -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### System status — ps (`linux_system_status_ps`) System status from the `ps` command. -Report output: +**Report output:** - * file `/linux/ps.data`: Active processes info + * File `/linux/ps.data`: Active processes info -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -Some processes might contain sensitive data in their names +**Security impact:** Low — +Some processes might contain sensitive data in their names. ### System status — sar (`linux_system_status_sar`) System status from the `sar` command. -Report output: - - * file `/linux/sar.data`: Actual `sar` info - * file `/linux/sar-yesterday.data`: `sar` info from yesterday +**Report output:** -**Depth:** surface + * File `/linux/sar.data`: Actual `sar` info + * File `/linux/sar-yesterday.data`: `sar` info from yesterday +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### System status — top (`linux_system_status_top`) System status from the `top` command. -Report output: +**Report output:** - * file `/linux/top.data`: Process information + * File `/linux/top.data`: Process information -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -Some processes might contain sensitive data in their names +**Security impact:** Low — +Some processes might contain sensitive data in their names. ### System status — vmstat (`linux_system_status_vmstat`) System status from the `vmstat` command. -Report output: +**Report output:** - * file `/linux/vmstat.data`: Info on processes, memory, paging, block IO, traps, disks and cpu activity + * File `/linux/vmstat.data`: Info on processes, memory, paging, block IO, traps, disks, and CPU activity -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### systemctl units (`linux_systemctl_units`) -Systemctl list-units on a `systemd` server - -Report output: +Systemctl list-units on a `systemd` server. - * file `/linux/systemctl-list-units.data`: Output of 'systemctl list-units' +**Report output:** -**Depth:** surface + * File `/linux/systemctl-list-units.data`: Output of `systemctl list-units` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### tuned (`linux_tuned`) -Tuned status and profiles - -Report output: +Tuned status and profiles. - * directory `/linux/tuned/tune-profiles`: Files from `/etc/tune-profiles` - * directory `/linux/tuned/tuned`: Files from `/etc/tuned` - * file `/linux/tuned/tuned.conf`: The file `/etc/tuned.conf` - * file `/linux/tuned/tuned-list.data`: Output from `tuned_adm list` - * file `/linux/tuned/tuned-active.data`: Output from `tuned_adm active` +**Report output:** -**Depth:** surface + * Directory `/linux/tuned/tune-profiles`: Files from `/etc/tune-profiles` + * Directory `/linux/tuned/tuned`: Files from `/etc/tuned` + * File `/linux/tuned/tuned.conf`: File `/etc/tuned.conf` + * File `/linux/tuned/tuned-list.data`: Output from `tuned_adm list` + * File `/linux/tuned/tuned-active.data`: Output from `tuned_adm active` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PEM configuration (`pem_configuration`) -PEM configuration files from PEM agent, PEM server, and PEM Web server - -Report output: +PEM configuration files from PEM agent, PEM server, and PEM web server. - * file `/tools/pem/config/edb-ssl-pem.conf`: PEM Web server SSL configuration file - * file `/tools/pem/config/edb-pem.conf`: PEM Web server configuration file - * file `/tools/pem/config/install-config`: PEM server configuration file (installation config file) - * file `/tools/pem/config/config_setup.py`: PEM server setup configuration file - * file `/tools/pem/config/pem.wsgi`: PEM server WSGI definition file - * file `/tools/pem/config/agent.cfg`: PEM agent configuration file +**Report output:** -**Depth:** surface + * File `/tools/pem/config/edb-ssl-pem.conf`: PEM web server SSL configuration file + * File `/tools/pem/config/edb-pem.conf`: PEM web server configuration file + * File `/tools/pem/config/install-config`: PEM server configuration file (installation config file) + * File `/tools/pem/config/config_setup.py`: PEM server setup configuration file + * File `/tools/pem/config/pem.wsgi`: PEM server WSGI definition file + * File `/tools/pem/config/agent.cfg`: PEM agent configuration file +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PEM systemctl (`pem_systemctl`) When PEM is detected, collects PEM agent and PEM web server status and -content +content. -Report output: +**Report output:** - * file `/tools/pem/systemd/service_name_cat.data`: Output of 'systemctl cat service_name - * file `/tools/pem/systemd/service_name_status.data`: Output of 'systemctl status service_name + * File `/tools/pem/systemd/service_name_cat.data`: Output of `systemctl cat service_name` + * File `/tools/pem/systemd/service_name_status.data`: Output of `systemctl status service_name` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PgBouncer configuration (`pgbouncer_configuration`) -PgBouncer configuration files - -Report output: +PgBouncer configuration files. - * file `/tools/pgbouncer/num/config/basename`: PgBouncer configuration file from instance num +**Report output:** -**Depth:** surface + * File `/tools/pgbouncer/num/config/basename`: PgBouncer configuration file from instance num +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PgBouncer systemctl (`pgbouncer_systemctl`) When PgBouncer services are detected, collects status and cat of the -corresponding services. Will check for any service which contains any -of the PgBouncer configuration files - -Report output: +corresponding services. Checks for any service that contains any +of the PgBouncer configuration files. - * file `/tools/pgbouncer/num/systemd/service_name_cat.data`: Output of 'systemctl cat service_name from instance num - * file `/tools/pgbouncer/num/systemd/service_name_status.data`: Output of 'systemctl status service_name from instance num +**Report output:** -**Depth:** surface + * File `/tools/pgbouncer/num/systemd/service_name_cat.data`: Output of `systemctl cat service_name` from instance num + * File `/tools/pgbouncer/num/systemd/service_name_status.data`: Output of `systemctl status service_name` from instance num +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PGD Proxy configuration (`pgd_proxy_configuration`) -Collects PGD Proxy configuration file that is found in the server - -Report output: +Collects PGD Proxy configuration file that's found in the server. - * file `/tools/pgd-proxy/config/basename`: PGD Proxy configuration file +**Report output:** -**Depth:** surface + * File `/tools/pgd-proxy/config/basename`: PGD Proxy configuration file +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PGD Proxy systemctl (`pgd_proxy_systemctl`) When PGD Proxy services are detected, collects status and cat of the -corresponding services. Will check for any service which name starts -with `pgd-proxy` +corresponding services. Checks for any service whose name starts +with `pgd-proxy`. -Report output: +**Report output:** - * file `/tools/pgd-proxy/systemd/service_name_cat.data`: Output of 'systemctl cat service_name - * file `/tools/pgd-proxy/systemd/service_name_status.data`: Output of 'systemctl status service_name + * File `/tools/pgd-proxy/systemd/service_name_cat.data`: Output of `systemctl cat service_name` + * File `/tools/pgd-proxy/systemd/service_name_status.data`: Output of `systemctl status service_name` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### postgres/enterprisedb crontab (`postgres_enterprisedb_crontab`) -Output from crontab -l, if running as postgres or enterprisedb +Output from `crontab -l`, if running as postgres or enterprisedb. -Report output: +**Report output:** - * file `/linux/enterprisedb_crontab.data`: Output from enterprisedb crontab -l, if enterprisedb user - * file `/linux/postgres_crontab.data`: Output from postgres crontab -l, if postgres user + * File `/linux/enterprisedb_crontab.data`: Output from `enterprisedb crontab -l`, if enterprisedb user + * File `/linux/postgres_crontab.data`: Output from `postgres crontab -l`, if postgres user -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -May have entries in crontab/cron with sensitive data +**Security impact:** Low — +Might have entries in crontab/cron with sensitive data. ### repmgr CLI (`repmgr_cli`) -Collects output of `repmgr cluster crosscheck` and `repmgr daemon -status` using the repmgr.conf file which is found in the server. - -Report output: +Collects output of `repmgr cluster crosscheck` and `repmgr daemon status` +using the `repmgr.conf` file, which is found in the server. - * file `/tools/repmgr/cli/daemon_status.out`: Output of `repmgr daemon status -f conf_file_path` command - * file `/tools/repmgr/cli/cluster_crosscheck.out`: Output of `repmgr cluster crosscheck -f conf_file_path` command +**Report output:** -**Depth:** surface + * File `/tools/repmgr/cli/daemon_status.out`: Output of `repmgr daemon status -f conf_file_path` command + * File `/tools/repmgr/cli/cluster_crosscheck.out`: Output of `repmgr cluster crosscheck -f conf_file_path` command +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### repmgr configuration (`repmgr_configuration`) -Collects repmgr configuration file that is found in the server +Collects repmgr configuration file that's found in the server. -Report output: +**Report output:** - * file `/tools/repmgr/config/repmgr.conf`: repmgr configuration file + * File `/tools/repmgr/config/repmgr.conf`: repmgr configuration file -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### repmgr systemctl (`repmgr_systemctl`) When repmgr services are detected, collects status and cat of the -corresponding services. Will check for any service which name starts -with `repmgr` +corresponding services. Checks for any service whose name starts +with `repmgr`. -Report output: +**Report output:** - * file `/tools/repmgr/systemd/service_name_cat.data`: Output of 'systemctl cat service_name - * file `/tools/repmgr/systemd/service_name_status.data`: Output of 'systemctl status service_name + * File `/tools/repmgr/systemd/service_name_cat.data`: Output of `systemctl cat service_name` + * File `/tools/repmgr/systemd/service_name_status.data`: Output of `systemctl status service_name` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### xDB CLI (`xdb_cli`) -xDB output from several CLI commands, from the xDB publication and/or +xDB output from several CLI commands, from the xDB publication and subscription server that are running. -Report output: +**Report output:** - * directory `/tools/xdb/cli`: xDB CLI print commands + * Directory `/tools/xdb/cli`: xDB CLI print commands -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### xDB configuration (`xdb_configuration`) -xDB configuration files +xDB configuration files. -Report output: +**Report output:** - * file `/tools/xdb/config/xdbReplicationServer.config`: xDB startup configuration` - * file `/tools/xdb/config/edb-repl.conf`: xDB replication configuration` - * file `/tools/xdb/config/xdb_subserver.conf`: xDB subscription server configuration - * file `/tools/xdb/config/xdb_pubserver.conf`: xDB publication server configuration + * File `/tools/xdb/config/xdbReplicationServer.config`: xDB startup configuration + * File `/tools/xdb/config/edb-repl.conf`: xDB replication configuration + * File `/tools/xdb/config/xdb_subserver.conf`: xDB subscription server configuration + * File `/tools/xdb/config/xdb_pubserver.conf`: xDB publication server configuration -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### xDB systemctl (`xdb_systemctl`) -When xDB services are detected, collects status and cat of edb- -xdbpubserver and edb-xdbsubserver - -Report output: +When xDB services are detected, collects status and cat of `edb- +xdbpubserver` and `edb-xdbsubserver`. - * file `/tools/xdb/systemd/service_name_cat.data`: Output of 'systemctl cat service_name - * file `/tools/xdb/systemd/service_name_status.data`: Output of 'systemctl status service_name +**Report output:** -**Depth:** surface + * File `/tools/xdb/systemd/service_name_cat.data`: Output of `systemctl cat service_name` + * File `/tools/xdb/systemd/service_name_status.data`: Output of `systemctl status service_name` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. -## Microsoft Windows Operating System +## Microsoft Windows operating system ### PEM configuration — Windows (`pem_configuration_windows`) -PEM configuration files from PEM agent, PEM server, and PEM Web server +PEM configuration files from PEM agent, PEM server, and PEM web server in a Windows environment. -Report output: - - * file `/tools/pem/config/edb-ssl-pem.conf`: PEM Web server SSL configuration file - * file `/tools/pem/config/edb-pem.conf`: PEM Web server configuration file - * file `/tools/pem/config/pem.wsgi`: PEM server WSGI definition file - * file `/tools/pem/config/agent.cfg`: PEM agent configuration file +**Report output:** -**Depth:** surface + * File `/tools/pem/config/edb-ssl-pem.conf`: PEM web server SSL configuration file + * File `/tools/pem/config/edb-pem.conf`: PEM web server configuration file + * File `/tools/pem/config/pem.wsgi`: PEM server WSGI definition file + * File `/tools/pem/config/agent.cfg`: PEM agent configuration file +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### PEM sc (`pem_sc`) When PEM is detected, collects PEM agent and PEM web server status and content -Report output: - - * file `/tools/pem/sc/service_name_query.data`: Output of 'sc query service_name +**Report output:** -**Depth:** surface + * File `/tools/pem/sc/service_name_query.data`: Output of `sc query service_name` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Disk information (`win_disk_information`) Disk and controller information from the system registry. -Report output: +**Report output:** - * file `/windows/enum_ide.reg`: Local machine ide device settings - * file `/windows/enum_scsi.reg`: Local machine scsi device settings + * File `/windows/enum_ide.reg`: Local machine ide device settings + * File `/windows/enum_scsi.reg`: Local machine scsi device settings -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Hosts file (`win_hosts`) -Host files and network related information +Host files and network-related information. -Report output: +**Report output:** - * file `/windows/services.data`: Windows `services` file - * file `/windows/protocol.data`: Windows `protocol` file - * file `/windows/networks.data`: Windows `networks` file - * file `/windows/hosts.sam`: Windows `hosts.sam` file - * file `/windows/hosts.data`: Windows `hosts` file + * File `/windows/services.data`: Windows `services` file + * File `/windows/protocol.data`: Windows `protocol` file + * File `/windows/networks.data`: Windows `networks` file + * File `/windows/hosts.sam`: Windows `hosts.sam` file + * File `/windows/hosts.data`: Windows `hosts` file -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### MsInfo (`win_msinfo`) -`MsInfo32` report in `NFO` and `TXT` format +`MsInfo32` report in `NFO` and `TXT` format. -Report output: +**Report output:** - * file `/windows/msinfo_report.txt`: Information from the `MsInfo32` in textual format - * file `/windows/msinfo_report.nfo`: Information from the `MsInfo32` in `NFO` + * File `/windows/msinfo_report.txt`: Information from the `MsInfo32` in textual format + * File `/windows/msinfo_report.nfo`: Information from the `MsInfo32` in `NFO` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### ODBC/64 (`win_odbc32_info`) -ODBC configuration from the 64 bit registry section - -Report output: +ODBC configuration from the 64-bit registry section. - * file `/windows/user_odbc_wow64.reg`: User DSN list - * file `/windows/localmachine_odbcinst_wow64.reg`: List of installed ODBC drivers - * file `/windows/localmachine_odbc_wow64.reg`: System DSN list +**Report output:** -**Depth:** surface + * File `/windows/user_odbc_wow64.reg`: User DSN list + * File `/windows/localmachine_odbcinst_wow64.reg`: List of installed ODBC drivers + * File `/windows/localmachine_odbc_wow64.reg`: System DSN list +**Depth:** Surface -**Security Impact:** *medium* — +**Security impact:** Medium — ODBC connection information could expose the presence of other databases or connection information to PostgreSQL that can be used to -attack the system +attack the system. ### ODBC/32 (`win_odbc64_info`) -ODBC configuration from the 32 bit registry section +ODBC configuration from the 32-bit registry section. -Report output: +**Report output:** - * file `/windows/user_odbc.reg`: User DSN list - * file `/windows/localmachine_odbcinst.reg`: list of installed ODBC drivers - * file `/windows/localmachine_odbc.reg`: System DSN list + * File `/windows/user_odbc.reg`: User DSN list + * File `/windows/localmachine_odbcinst.reg`: list of installed ODBC drivers + * File `/windows/localmachine_odbc.reg`: System DSN list -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *medium* — +**Security impact:** Medium — ODBC connection information could expose the presence of other databases or connection information to PostgreSQL that can be used to -attack the system +attack the system. ### systeminfo (`win_systeminfo`) -Output of the `systeminfo` command - -Report output: +Output of the `systeminfo` command. - * file `/windows/systeminfo_report.txt`: Information from the `systeminfo` command +**Report output:** -**Depth:** surface + * File `/windows/systeminfo_report.txt`: Information from the `systeminfo` command +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Disk volumes (`win_volumes`) -Volume list from `WMI` +Volume list from `WMI`. -Report output: +**Report output:** - * file `/windows/association_structure`: Association between drive letters and physical drives - * file `/windows/volume_disk`: Volume list from the WMI subsystem - * file `/windows/logical_disk_list`: Logical disk list from the WMI subsystem - * file `/windows/disk_partition_list`: Disk partition list from the WMI subsystem - * file `/windows/disk_drive_list`: Disk list from the WMI subsystem + * File `/windows/association_structure`: Association between drive letters and physical drives + * File `/windows/volume_disk`: Volume list from the WMI subsystem + * File `/windows/logical_disk_list`: Logical disk list from the WMI subsystem + * File `/windows/disk_partition_list`: Disk partition list from the WMI subsystem + * File `/windows/disk_drive_list`: Disk list from the WMI subsystem -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### xDB CLI — Windows (`xdb_cli_windows`) -xDB output from several CLI commands, from the xDB publication and/or -subscription server that are running. - -Report output: +xDB output from several CLI commands, from the running xDB publication and +subscription servers. - * directory `/tools/xdb/cli`: xDB CLI print commands +**Report output:** -**Depth:** surface + * Directory `/tools/xdb/cli`: xDB CLI print commands +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### xDB configuration — Windows (`xdb_configuration_windows`) -xDB configuration files +xDB configuration files. -Report output: +**Report output:** - * file `/tools/xdb/config/xdbReplicationServer.config`: xDB startup configuration` - * file `/tools/xdb/config/edb-repl.conf`: xDB replication configuration` - * file `/tools/xdb/config/xdb_subserver.conf`: xDB subscription server configuration - * file `/tools/xdb/config/xdb_pubserver.conf`: xDB publication server configuration + * File `/tools/xdb/config/xdbReplicationServer.config`: xDB startup configuration` + * File `/tools/xdb/config/edb-repl.conf`: xDB replication configuration` + * File `/tools/xdb/config/xdb_subserver.conf`: xDB subscription server configuration + * File `/tools/xdb/config/xdb_pubserver.conf`: xDB publication server configuration -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### xDB sc (`xdb_sc`) -When xDB is detected, collects xDB Publication and Subscription server -status - -Report output: +When xDB is detected, collects xDB publication and subscription server +status. - * file `/tools/xdb/sc/service_name_query.data`: Output of 'sc query service_name +**Report output:** -**Depth:** surface + * File `/tools/xdb/sc/service_name_query.data`: Output of `sc query service_name` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. -## PostgreSQL/BDR3 Instance +## PostgreSQL/BDR3 instance ### Current archiver stats (`postgresql_archiver`) -Statistics about the archiver process's activity (from -pg_stat_archiver) +Statistics about the archiver process activity (from +`pg_stat_archiver`). -Report output: +**Report output:** - * file `postgresql/archiver.out` + * File `postgresql/archiver.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Available extensions (`postgresql_available_extensions`) -List of extensions available on the server +List of extensions available on the server. -Report output: +**Report output:** - * file `postgresql/available_extensions.out` + * File `postgresql/available_extensions.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current bg_writer stats (`postgresql_bgwriter`) -Statistics about the background writer process's activity (from -pg_stat_bgwriter) +Statistics about the background writer process activity (from +`pg_stat_bgwriter`). -Report output: +**Report output:** - * file `postgresql/bgwriter.out` + * File `postgresql/bgwriter.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Directory with binaries (`postgresql_bin_dir`) -PostgreSQL binary directory +PostgreSQL binary directory. -Report output: +**Report output:** - * file `/postgresql/postgresql_bin_path.data`: Path to the PostgreSQL bin directory + * File `/postgresql/postgresql_bin_path.data`: Path to the PostgreSQL bin directory -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current configuration (`postgresql_configuration`) -PostgreSQL current configuration - -Report output: +PostgreSQL current configuration. - * file `postgresql/configuration.out` +**Report output:** -**Depth:** surface + * File `postgresql/configuration.out` +**Depth:** Surface -**Security Impact:** *medium* — -postgresql.conf might contain bad security policies +**Security impact:** Medium — +`postgresql.conf` might contain bad security policies ### Configuration files (`postgresql_configuration_files`) -PostgreSQL configuration files and the data directory path (passwords -contained in well-known connection strings are automatically redacted -for information security reasons). - -Report output: +PostgreSQL configuration files and the data directory path. Passwords +contained in well-known connection strings are redacted +for information-security reasons. - * file `/postgresql/pg_ident.conf`: PostgreSQL ident configuration file - * file `/postgresql/pg_hba.conf`: PostgreSQL host-based authentication file - * file `/postgresql/postgresql.auto.conf`: PostgreSQL auto configuration file - * file `/postgresql/recovery.done`: PostgreSQL recovery.done file - * file `/postgresql/recovery.conf`: PostgreSQL recovery.conf file - * file `/postgresql/postgresql.conf`: PostgreSQL configuration file +**Report output:** -**Depth:** surface + * File `/postgresql/pg_ident.conf`: PostgreSQL ident configuration file + * File `/postgresql/pg_hba.conf`: PostgreSQL host-based authentication file + * File `/postgresql/postgresql.auto.conf`: PostgreSQL auto configuration file + * File `/postgresql/recovery.done`: PostgreSQL `recovery.done` file + * File `/postgresql/recovery.conf`: PostgreSQL `recovery.conf` file + * File `/postgresql/postgresql.conf`: PostgreSQL configuration file +**Depth:** Surface -**Security Impact:** *medium* — +**Security impact:** Medium — `pg_hba.conf` and `pg_ident.conf` might expose potential security -holes such as trusted connections. +holes, such as trusted connections. ### Current rate of new connections established to the DB (`postgresql_conns_per_second`) Current rate of new connections established during 3s observation -period +period. -Report output: +**Report output:** - * file `postgresql/conns_per_second.out` + * File `postgresql/conns_per_second.out` -**Depth:** surface +**Depth:** Surface -**Security Impact:** *low* — +**Security Impact:** *Low* — no known security impact. ### Databases (`postgresql_databases`) -List of databases in the PostgreSQL node +List of databases in the PostgreSQL node. -Report output: +**Report output:** - * file `postgresql/databases.out` + * File `postgresql/databases.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### postgresql_db_bdr_tables_and_views (`postgresql_db_bdr_tables_and_views`) Collect all the tables and views of the BDR extension, except for: -- bdr.apply_log — bdr.conflict_history — bdr.consensus_kv_data -- bdr.internal_node_pre_commit — bdr.replication_status - -bdr.state_journal — bdr.stat_activity +- `bdr.apply_log` +- `bdr.conflict_history` +- `bdr.consensus_kv_data` +- `bdr.internal_node_pre_commit` +- `bdr.replication_status` +- `bdr.state_journal` +- `bdr.stat_activity` -Report output: +**Report output:** - * file `/postgresql/dbs/dbname/bdr/*`: Content of all tables under the BDR schema + * File `/postgresql/dbs/dbname/bdr/*`: Content of all tables under the BDR schema -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### postgresql_db_pglogical_tables_and_views (`postgresql_db_pglogical_tables_and_views`) -Collect all the tables and views of the pglogical extension +Collect all the tables and views of the pglogical extension. -Report output: +**Report output:** - * file `/postgresql/dbs/dbname/pglogical/*`: Content of all tables under the pglogical schema + * File `/postgresql/dbs/dbname/pglogical/*`: Content of all tables under the pglogical schema -**Depth:** shallow +**Depth:** Shallow +**Security impact:** Low — +No known security impact. -**Security Impact:** *low* — -no known security impact. - -### Database/Role Setting (`postgresql_db_role_setting`) +### Database/role setting (`postgresql_db_role_setting`) -List of database/role settings in the PostgreSQL node +List of database/role settings in the PostgreSQL node. -Report output: +**Report output:** - * file `postgresql/db_role_setting.out` + * File `postgresql/db_role_setting.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Node and snapshot data (`postgresql_node`) -Information about the running PostgreSQL node +Information about the running PostgreSQL node. -Report output: +**Report output:** - * file `postgresql/node.out` + * File `postgresql/node.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### pg_config (`postgresql_pg_config`) PostgreSQL `pg_config` command output. -Report output: +**Report output:** - * file `/postgresql/pg_config.data`: `pg_config` command output + * File `/postgresql/pg_config.data`: `pg_config` command output -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### pg_controldata (`postgresql_pg_controldata`) PostgreSQL `pg_controldata` information. -Report output: - - * file `/postgresql/pg_controldata.data`: `pg_controldata` command output +**Report output:** -**Depth:** surface + * File `/postgresql/pg_controldata.data`: `pg_controldata` command output +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Version (`postgresql_pg_version`) PostgreSQL client and server version. -Report output: - - * file `/postgresql/postgresql_server_version.data`: PostgreSQL server version - * file `/postgresql/postgresql_client_version.data`: PostgreSQL client version +**Report output:** -**Depth:** surface + * File `/postgresql/postgresql_server_version.data`: PostgreSQL server version + * File `/postgresql/postgresql_client_version.data`: PostgreSQL client version +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_prepared_xacts contents (`postgresql_prepared_xacts`) -Status of prepared xacts (from pg_prepared_xacts) - -Report output: +Status of prepared xacts (from `pg_prepared_xacts`) - * file `postgresql/prepared_xacts.out` +**Report output:** -**Depth:** surface + * File `postgresql/prepared_xacts.out` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_replication_origin_status contents (`postgresql_replication_origin`) -Status of replication origins (from pg_replication_origin_status) +Status of replication origins (from `pg_replication_origin_status`) -Report output: +**Report output:** - * file `postgresql/replication_origins.out` + * File `postgresql/replication_origins.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_replication_slots contents (`postgresql_replication_slots`) -Replication slots (from pg_replication_slots) +Replication slots (from `pg_replication_slots`). -Report output: +**Report output:** - * file `postgresql/replication_slots.out` + * File `postgresql/replication_slots.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Roles (`postgresql_roles`) -Database roles from `pg_roles` +Database roles from `pg_roles`. -Report output: +**Report output:** - * file `postgresql/roles.out` + * File `postgresql/roles.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *medium* — -pg_roles might contain bad security policies +**Security impact:** Medium — +`pg_roles` might contain bad security policies. ### Current activity stats (`postgresql_running_activity`) Information related to the current activity on running processes (from -`pg_stat_activity`) - -Report output: +`pg_stat_activity`). - * file `postgresql/running_activity.out` +**Report output:** -**Depth:** shallow + * File `postgresql/running_activity.out` +**Depth:** Shallow -**Security Impact:** *low* — -queries in `pg_stat_activity` could contain user names and application +**Security impact:** Low — +Queries in `pg_stat_activity` could contain user names and application names. ### Age of current oldest running backend/transaction/query in the cluster (`postgresql_running_activity_oldestage`) -Age of current oldest running backend/transaction/query in the cluster +Age of current oldest running backend/transaction/query in the cluster. -Report output: +**Report output:** - * file `postgresql/running_activity_maxage.out` + * File `postgresql/running_activity_maxage.out` -**Depth:** surface +**Depth:** Surface -**Security Impact:** *low* — +**Security Impact:** *Low* — no known security impact. ### Active locks (`postgresql_running_locks`) -List of active locks +List of active locks. -Report output: +**Report output:** - * file `postgresql/running_locks.out` + * File `postgresql/running_locks.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### pg_server_limits (`postgresql_server_limits`) Real effective kernel OS limits for the postmaster PID. -Report output: +**Report output:** - * file `/postgresql/pg_server_limits_PORT.data`: `prlimit` for postmaster PID + * File `/postgresql/pg_server_limits_PORT.data`: `prlimit` for postmaster PID -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_shmem_allocations contents (`postgresql_shmem_allocations`) -Status of shared memory allocations (from pg_shmem_allocations) - -Report output: +Status of shared memory allocations (from `pg_shmem_allocations`). - * file `postgresql/shmem_allocations.out` +**Report output:** -**Depth:** surface + * File `postgresql/shmem_allocations.out` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_stat_progress_analyze contents (`postgresql_stat_progress_analyze`) -ANALYZE progress - -Report output: +`ANALYZE` progress. - * file `postgresql/pg_stat_progress_analyze.out` +**Report output:** -**Depth:** surface + * File `postgresql/pg_stat_progress_analyze.out` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_stat_progress_basebackup contents (`postgresql_stat_progress_basebackup`) -BASEBACKUP progress +`BASEBACKUP` progress. -Report output: +**Report output:** - * file `postgresql/pg_stat_progress_basebackup.out` + * File `postgresql/pg_stat_progress_basebackup.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_stat_progress_copy contents (`postgresql_stat_progress_copy`) -COPY progress +`COPY` progress. -Report output: +**Report output:** - * file `postgresql/pg_stat_progress_copy.out` + * File `postgresql/pg_stat_progress_copy.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_stat_progress_vacuum contents (`postgresql_stat_progress_vacuum`) -VACUUM progress +`VACUUM` progress. -Report output: +**Report output:** - * file `postgresql/pg_stat_progress_vacuum.out` + * File `postgresql/pg_stat_progress_vacuum.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Current pg_stat_replication contents (`postgresql_stat_replication`) -Replication connections (from pg_stat_replication) +Replication connections (from `pg_stat_replication`). -Report output: +**Report output:** - * file `postgresql/replication.out` + * File `postgresql/replication.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Server subscription statistics (`postgresql_subscription_statistics`) -Statistics of subscriptions - -Report output: +Statistics of subscriptions. - * file `postgresql/subscription_statistics.out` +**Report output:** -**Depth:** shallow + * File `postgresql/subscription_statistics.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Server subscriptions (`postgresql_subscriptions`) -List of subscriptions - -Report output: +List of subscriptions. - * file `postgresql/subscriptions.out` +**Report output:** -**Depth:** shallow + * File `postgresql/subscriptions.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Tablespaces (`postgresql_tablespaces`) -Tablespaces information and location - -Report output: +Tablespaces information and location. - * file `postgresql/tablespaces.out` +**Report output:** -**Depth:** surface + * File `postgresql/tablespaces.out` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Workload characteristics using waits (`postgresql_waits_stats`) -PostgreSQL workload characterisation using built-in wait events +PostgreSQL workload characterization using built-in wait events. -Report output: +**Report output:** - * file `postgresql/running_waits_sample.out`: Workload characterisation using built-in wait events + * File `postgresql/running_waits_sample.out`: Workload characterization using built-in wait events -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. -## Details for every PostgreSQL/BDR3 Database +## Details for every PostgreSQL/BDR3 database ### BDR1 replication slots (`postgresql_db_bdr1_replication_slots`) -List of replication slots with 9.6 format for BDR1 +List of replication slots with 9.6 format for BDR1. -Report output: +**Report output:** - * file `bdr1_replication_slots.out` + * File `bdr1_replication_slots.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### BDR2 replication slots (`postgresql_db_bdr2_replication_slots`) -List of replication slots with 9.6 format for BDR2 +List of replication slots with 9.6 format for BDR2. -Report output: +**Report output:** - * file `bdr2_replication_slots.out` + * File `bdr2_replication_slots.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### BDR conflict_history_summary aggregation (`postgresql_db_bdr3_conflict_history_summary_agg`) -Collect aggregate count for all types of conflicts +Collect aggregate count for all types of conflicts. -Report output: +**Report output:** - * file `bdr_conflict_history_summary_agg.out` + * File `bdr_conflict_history_summary_agg.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### BDR current activity stats (`postgresql_db_bdr3_stat_activity`) Information related to the current activity on running processes (from -`bdr.stat_activity`) - -Report output: +`bdr.stat_activity`). - * file `bdr_stat_activity.out` +**Report output:** -**Depth:** shallow + * File `bdr_stat_activity.out` +**Depth:** Shallow -**Security Impact:** *low* — -queries in `bdr.stat_activity` could contain user names and +**Security impact:** Low — +Queries in `bdr.stat_activity` could contain user names and application names. ### BDR sequences (`postgresql_db_bdr_sequences`) -List of the BDR sequences +List of the BDR sequences. -Report output: +**Report output:** - * file `bdr_sequences.out` + * File `bdr_sequences.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### BDR version (`postgresql_db_bdr_version`) -Currently used version of BDR +Currently used version of BDR. -Report output: +**Report output:** - * file `bdr_version.out` + * File `bdr_version.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database extensions (`postgresql_db_extensions`) -List of extensions in the database - -Report output: +List of extensions in the database. - * file `extensions.out` +**Report output:** -**Depth:** shallow + * File `extensions.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database indexes (`postgresql_db_indexes`) -List of indexes in the database +List of indexes in the database. -Report output: +**Report output:** - * file `indexes.out` + * File `indexes.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database procedural languages (`postgresql_db_languages`) -Procedural languages in the database - -Report output: +Procedural languages in the database. - * file `language.out` +**Report output:** -**Depth:** shallow + * File `language.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### BDR monitor_group_raft (`postgresql_db_monitor_group_raft`) -Check the raft status in the bdr cluster +Check the raft status in the BDR cluster. -Report output: +**Report output:** - * file `bdr_monitor_group_raft.out` + * File `bdr_monitor_group_raft.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### BDR monitor_group_versions (`postgresql_db_monitor_group_versions`) -Check the version of all BDR nodes +Check the version of all BDR nodes. -Report output: +**Report output:** - * file `bdr_monitor_group_versions.out` + * File `bdr_monitor_group_versions.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### BDR monitor_local_replslots (`postgresql_db_monitor_local_replslots`) -Check all the replication slot status +Check all the replication slot status. -Report output: +**Report output:** - * file `bdr_monitor_local_replslots.out` + * File `bdr_monitor_local_replslots.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database operators (`postgresql_db_operators`) -Operators in the database +Operators in the database. -Report output: +**Report output:** - * file `operator.out` + * File `operator.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database partitioned tables (`postgresql_db_partitioned_tables`) -Information about partitioned tables (using declarative partitioning) - -Report output: +Information about partitioned tables (using declarative partitioning). - * file `partitioned_table.out` +**Report output:** -**Depth:** shallow + * File `partitioned_table.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.agent table tuples (`postgresql_db_pem_agent`) -Data from metatable pem.agent +Data from metatable `pem.agent`. -Report output: +**Report output:** - * file `pem_agent.out` + * File `pem_agent.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.agent_config table tuples (`postgresql_db_pem_agent_config`) -Data from metatable pem.agent_config +Data from metatable `pem.agent_config`. -Report output: +**Report output:** - * file `pem_agent_config.out` + * File `pem_agent_config.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.agent_heartbeat table tuples (`postgresql_db_pem_agent_heartbeat`) -Data from metatable pem.agent_heartbeat +Data from metatable `pem.agent_heartbeat`. -Report output: +**Report output:** - * file `pem_agent_heartbeat.out` + * File `pem_agent_heartbeat.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.agent_server_binding table tuples (`postgresql_db_pem_agent_server_binding`) -Data from metatable pem.agent_server_binding +Data from metatable `pem.agent_server_binding`. -Report output: +**Report output:** - * file `pem_agent_server_binding.out` + * File `pem_agent_server_binding.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.config table tuples (`postgresql_db_pem_config`) -Data from metatable pem.config +Data from metatable `pem.config`. -Report output: +**Report output:** - * file `pem_config.out` + * File `pem_config.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.email_group table tuples (`postgresql_db_pem_email_group`) -Data from metatable pem.email_group +Data from metatable `pem.email_group`. -Report output: +**Report output:** - * file `pem_email_group.out` + * File `pem_email_group.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.email_group_option table tuples (`postgresql_db_pem_email_group_option`) -Data from metatable pem.email_group_option - -Report output: +Data from metatable `pem.email_group_option`. - * file `pem_email_group_option.out` +**Report output:** -**Depth:** shallow + * File `pem_email_group_option.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.probe table tuples (`postgresql_db_pem_probe`) -Data from metatable pem.probe - -Report output: +Data from metatable `pem.probe`. - * file `pem_probe.out` +**Report output:** -**Depth:** shallow + * File `pem_probe.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.probe_schedule table tuples (`postgresql_db_pem_probe_schedule`) -Data from metatable pem.probe_schedule - -Report output: +Data from metatable `pem.probe_schedule`. - * file `pem_probe_schedule.out` +**Report output:** -**Depth:** shallow + * File `pem_probe_schedule.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.schema_version() output (`postgresql_db_pem_schema_version`) -Output from function pem.schema_version() +Output from function `pem.schema_version()`. -Report output: +**Report output:** - * file `pem_schema_version.out` + * File `pem_schema_version.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.server table tuples (`postgresql_db_pem_server`) -Data from metatable pem.server +Data from metatable `pem.server`. -Report output: +**Report output:** - * file `pem_server.out` + * File `pem_server.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.server_heartbeat table tuples (`postgresql_db_pem_server_heartbeat`) -Data from metatable pem.server_heartbeat +Data from metatable `pem.server_heartbeat`. -Report output: +**Report output:** - * file `pem_server_heartbeat.out` + * File `pem_server_heartbeat.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.smtp_spool table tuples (`postgresql_db_pem_smtp_spool`) -Data from metatable pem.smtp_spool +Data from metatable `pem.smtp_spool`. -Report output: +**Report output:** - * file `pem_smtp_spool.out` + * File `pem_smtp_spool.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database PEM pem.snmp_spool table tuples (`postgresql_db_pem_snmp_spool`) -Data from metatable pem.snmp_spool +Data from metatable `pem.snmp_spool`. -Report output: +**Report output:** - * file `pem_snmp_spool.out` + * File `pem_snmp_spool.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Pglogical subscription status (`postgresql_db_pglogical_subscription_status`) -List of tables replicated by pglogical - -Report output: +List of tables replicated by pglogical. - * file `pglogical_subscription_status.out` +**Report output:** -**Depth:** surface + * File `pglogical_subscription_status.out` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database functions (`postgresql_db_procs`) -Functions in the database - -Report output: +Functions in the database. - * file `proc.out` +**Report output:** -**Depth:** shallow + * File `proc.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database publication tables (`postgresql_db_publication_tables`) -List of tables of publications of the database +List of tables of publications of the database. -Report output: +**Report output:** - * file `publication_tables.out` + * File `publication_tables.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database publications (`postgresql_db_publications`) -List of publications of the database +List of publications of the database. -Report output: +**Report output:** - * file `publications.out` + * File `publications.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database repmgr repmgr.events table tuples (`postgresql_db_repmgr_events`) -Data from metatable repmgr.events +Data from metatable `repmgr.events`. -Report output: +**Report output:** - * file `repmgr/events.out` + * File `repmgr/events.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database repmgr repmgr.monitoring_history table tuples (`postgresql_db_repmgr_monitoring_history`) -Data from metatable repmgr.monitoring_history +Data from metatable `repmgr.monitoring_history`. -Report output: +**Report output:** - * file `repmgr/monitoring_history.out` + * File `repmgr/monitoring_history.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database repmgr repmgr.nodes table tuples (`postgresql_db_repmgr_nodes`) -Data from metatable repmgr.nodes - -Report output: +Data from metatable `repmgr.nodes`. - * file `repmgr/nodes.out` +**Report output:** -**Depth:** shallow + * File `repmgr/nodes.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database repmgr repmgr.replication_status table tuples (`postgresql_db_repmgr_replication_status`) -Data from metatable repmgr.replication_status +Data from metatable `repmgr.replication_status`. -Report output: +**Report output:** - * file `repmgr/replication_status.out` + * File `repmgr/replication_status.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database repmgr repmgr.show_nodes table tuples (`postgresql_db_repmgr_show_nodes`) -Data from metatable repmgr.show_nodes - -Report output: +Data from metatable `repmgr.show_nodes`. - * file `repmgr/show_nodes.out` +**Report output:** -**Depth:** shallow + * File `repmgr/show_nodes.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database schema (`postgresql_db_schemas`) -List of schemas in the database +List of schemas in the database. -Report output: +**Report output:** - * file `schemas.out` + * File `schemas.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database statistics (`postgresql_db_statistics`) -Statistics of the database +Statistics of the database. -Report output: +**Report output:** - * file `statistics.out` + * File `statistics.out` -**Depth:** deep +**Depth:** Deep - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database subscription tables (`postgresql_db_subscription_tables`) -List of tables of subscriptions of the database +List of tables of subscriptions of the database. -Report output: +**Report output:** - * file `subscription_tables.out` + * File `subscription_tables.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database tables (`postgresql_db_tables`) -List of tables in the database +List of tables in the database. -Report output: +**Report output:** - * file `tables.out` + * File `tables.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database types (`postgresql_db_types`) -Types in the database +Types in the database. -Report output: +**Report output:** - * file `type.out` + * File `type.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.xdb_mmr_pub_group table tuples (`postgresql_db_xdb_mmr_pub_group`) -Data from metatable _edb_replicator_pub.xdb_mmr_pub_group +Data from metatable `_edb_replicator_pub.xdb_mmr_pub_group`. -Report output: +**Report output:** - * file `xdb_mmr_pub_group.out` + * File `xdb_mmr_pub_group.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.xdb_pub_database table tuples (`postgresql_db_xdb_pub_database`) -Data from metatable _edb_replicator_pub.xdb_pub_database - -Report output: +Data from metatable `_edb_replicator_pub.xdb_pub_database`. - * file `xdb_pub_database.out` +**Report output:** -**Depth:** shallow + * File `xdb_pub_database.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.xdb_pub_replog table tuples (`postgresql_db_xdb_pub_replog`) -Last 50 rows from metatable _edb_replicator_pub.xdb_pub_replog - -Report output: +Last 50 rows from metatable `_edb_replicator_pub.xdb_pub_replog`. - * file `xdb_pub_replog.out` +**Report output:** -**Depth:** shallow + * File `xdb_pub_replog.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.xdb_publication_subscriptionstable tuples (`postgresql_db_xdb_publication_subscriptions`) -Data from metatable_edb_replicator_pub.xdb_publication_subscriptions - -Report output: +Data from metatable `_edb_replicator_pub.xdb_publication_subscriptions`. - * file `xdb_publication_subscriptions.out` +**Report output:** -**Depth:** shallow + * File `xdb_publication_subscriptions.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.xdb_publications table tuples (`postgresql_db_xdb_publications`) -Data from metatable _edb_replicator_pub.xdb_publications +Data from metatable `_edb_replicator_pub.xdb_publications`. -Report output: +**Report output:** - * file `xdb_publications.out` + * File `xdb_publications.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.rrep_mmr_pub_group table tuples (`postgresql_db_xdb_rrep_mmr_pub_group`) -Data from metatable _edb_replicator_pub.rrep_mmr_pub_group +Data from metatable `_edb_replicator_pub.rrep_mmr_pub_group`. -Report output: +**Report output:** - * file `xdb_rrep_mmr_pub_group.out` + * File `xdb_rrep_mmr_pub_group.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.rrep_mmr_txset table tuples (`postgresql_db_xdb_rrep_mmr_txset`) -Last 10 rows from metatable _edb_replicator_pub.rrep_mmr_txset +Last 10 rows from metatable `_edb_replicator_pub.rrep_mmr_txset`. -Report output: +**Report output:** - * file `xdb_rrep_mmr_txset.out` + * File `xdb_rrep_mmr_txset.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.rrep_properties table tuples (`postgresql_db_xdb_rrep_properties`) -Data from from metatable _edb_replicator_pub.rrep_properties +Data from from metatable `_edb_replicator_pub.rrep_properties`. -Report output: +**Report output:** - * file `xdb_rrep_properties.out` + * File `xdb_rrep_properties.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.rrep_publication_tablestable tuples (`postgresql_db_xdb_rrep_publication_tables`) -Data from from metatable_edb_replicator_pub.rrep_publication_tables - -Report output: +Data from from metatable `_edb_replicator_pub.rrep_publication_tables`. - * file `xdb_rrep_publication_tables.out` +**Report output:** -**Depth:** shallow + * File `xdb_rrep_publication_tables.out` +**Depth:** Shallow -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Database xDB _edb_replicator_pub.rrep_txset table tuples (`postgresql_db_xdb_rrep_txset`) -Data from metatable _edb_replicator_pub.rrep_txset +Data from metatable `_edb_replicator_pub.rrep_txset`. -Report output: +**Report output:** - * file `xdb_pub_rrep_txset.out` + * File `xdb_pub_rrep_txset.out` -**Depth:** shallow +**Depth:** Shallow - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Oracle-compatibile partitioning key view (`postgresql_epas_all_part_key_columns`) -Provides partitioning key details (all_part_key_columns, EPAS -specific) +Provides partitioning key details (`all_part_key_columns`, EDB Postgres Advanced Server +specific). -Report output: +**Report output:** - * file `epas_all_part_key_columns.out` + * File `epas_all_part_key_columns.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Oracle-compatibile all partitioned table view (`postgresql_epas_all_part_tables`) -All partitioned tables view (from all_part_tables, EPAS specific) +All partitioned tables view (from `all_part_tables`, EDB Postgres Advanced Server specific). -Report output: +**Report output:** - * file `epas_all_part_tables.out` + * File `epas_all_part_tables.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Oracle-compatibile subpartitioning key view (`postgresql_epas_all_subpart_key_columns`) -Provides subpartitioning key details (all_subpart_key_columns, EPAS -specific) +Provides subpartitioning key details (`all_subpart_key_columns`, EDB Postgres Advanced Server +specific). -Report output: +**Report output:** - * file `epas_all_subpart_key_columns.out` + * File `epas_all_subpart_key_columns.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Oracle-compatibile all table partitions view (`postgresql_epas_all_tab_partitions`) -All partitions of all partitioned tables view (all_tab_partitions, -EPAS specific) +All partitions of all partitioned tables view (`all_tab_partitions`, +EDB Postgres Advanced Server specific). -Report output: +**Report output:** - * file `epas_all_tab_partitions.out` + * File `epas_all_tab_partitions.out` -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Oracle-compatibile all table subpartitioning view (`postgresql_epas_all_tab_subpartitions`) All subpartitions of all partitioned tables view -(all_tab_subpartitions, EPAS specific) +(`all_tab_subpartitions`, EDB Postgres Advanced Server specific). -Report output: +**Report output:** - * file `epas_all_tab_subpartitions.out` + * File `epas_all_tab_subpartitions.out` -**Depth:** surface +**Depth:** Surface +**Security impact:** Low — +No known security impact. -**Security Impact:** *low* — -no known security impact. +### EDB Postgres Advanced Server-specific dblink information (`postgresql_epas_dblink`) -### EPAS specific dblink information (`postgresql_epas_dblink`) +Current EDB Postgres Advanced Server dblink information from `edb_dblink`. -Current EPAS dblink information from edb_dblink) +**Report output:** -Report output: + * File `epas_dblink.out` - * file `epas_dblink.out` +**Depth:** Surface -**Depth:** surface - - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ## Barman (Backup and Recovery Manager) @@ -2272,56 +2127,50 @@ no known security impact. Collect the status of the Barman `check` framework for all configured servers. -Report output: - - * file `/barman/barman_check.data`: Output of `barman check` +**Report output:** -**Depth:** surface + * File `/barman/barman_check.data`: Output of `barman check` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Barman diagnose (`barman_diagnose`) -Collect the barman diagnosis information - -Report output: +Collect the Barman diagnosis information. - * file `/barman/diagnose.data`: Output from 'barman diagnose' +**Report output:** -**Depth:** surface + * File `/barman/diagnose.data`: Output from `barman diagnose` +**Depth:** Surface -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Barman executable location (`barman_executable`) -Collect the 'barman' executable location +Collect the `barman` executable location. -Report output: +**Report output:** - * file `/barman/barman_location.data`: The path of the main barman executable + * File `/barman/barman_location.data`: The path of the main barman executable -**Depth:** surface +**Depth:** Surface - -**Security Impact:** *low* — -no known security impact. +**Security impact:** Low — +No known security impact. ### Barman module location (`barman_modules_path`) -Collect the location of the 'barman' Python modules +Collect the location of the Barman Python modules. -Report output: +**Report output:** - * file `/barman/barman_python_verbose.data`: The list of Barman python modules - -**Depth:** surface - - -**Security Impact:** *low* — -no known security impact. + * File `/barman/barman_python_verbose.data`: The list of Barman Python modules +**Depth:** Surface +**Security impact:** Low — +No known security impact. diff --git a/product_docs/docs/lasso/4/index.mdx b/product_docs/docs/lasso/4/index.mdx index d945e79ba20..7ac214a661e 100644 --- a/product_docs/docs/lasso/4/index.mdx +++ b/product_docs/docs/lasso/4/index.mdx @@ -13,12 +13,12 @@ navigation: - appendix-a --- -EDB has developed a small multi-platform application called Lasso that +EDB developed a small multi-platform application called Lasso. Lasso can safely gather relevant diagnostics data on a system where Postgres and other relevant supported software, such as Barman, is running. You can also run Lasso on systems where Postgres isn't -installed to gather all relevant information regarding the +installed to gather all relevant information about the underlying operating system. Consult the specific information for your operating system. @@ -32,7 +32,7 @@ the rows of your Postgres user tables is gathered. [^1] [^1]: Gathered diagnostics data files are available for your inspection. -Lasso is crucial for Support Operations because it allows EDB's +Lasso is crucial for support operations because it allows EDB's engineers to have a centralized and standardized source of information -about your system, greatly improving our resolution times and quality of +about your system. This ability greatly improves our resolution times and quality of services. diff --git a/product_docs/docs/lasso/4/install.mdx b/product_docs/docs/lasso/4/install.mdx index df384f28d8f..78a67ee68b3 100644 --- a/product_docs/docs/lasso/4/install.mdx +++ b/product_docs/docs/lasso/4/install.mdx @@ -3,8 +3,8 @@ title: Installing Lasso --- EDB distributes the application through the -[EDB Website](https://www.enterprisedb.com/software-downloads-postgres) -and grants usage to its customers using their *company token* as a means of +[EDB website](https://www.enterprisedb.com/software-downloads-postgres) +and grants usage to customers using a *company token* as a means of authentication. @@ -12,14 +12,14 @@ authentication. You can install Lasso on any major supported Linux distribution by following the corresponding Linux installation option for your system from the -[EDB Website Downloads](https://www.enterprisedb.com/software-downloads-postgres), -or directly from the -[EDB repositories for Linux page](https://www.enterprisedb.com/repos), -choosing Lasso and following the installation instructions. +[EDB Downloads page](https://www.enterprisedb.com/software-downloads-postgres). +Or, you can install it directly from the +[EDB repositories for Linux page](https://www.enterprisedb.com/repos). +Choose Lasso and following the installation instructions. After installing the EDB repository for your subscription on your system, -you will be able to install Lasso on Linux using the package manager tool -for your Linux distribution, for example, including but not limited to: +you can install Lasso on Linux using the package manager tool +for your Linux distribution. Examples include (but aren't limited to): - Debian / Ubuntu: @@ -39,49 +39,48 @@ for your Linux distribution, for example, including but not limited to: dnf install edb-lasso ``` -If you system has access to the Internet, then installing the `edb-lasso` -package using your package manager will already automatically install the -Lasso dependencies, which are: +If your system has internet access, then installing the `edb-lasso` +package using your package manager installs these +Lasso dependencies: - `python3` - `python3-psycopg2` - `python3-setuptools` - `python3-psutil` -If your system does not have access to the Internet, then these dependencies -need to be downloaded and installed manually. Consult EDB Support for more +If your system doesn't have internet access, then you need to download these dependencies +and install them manually. Consult EDB Support for more details. ## Windows Lasso for Windows is a single-file binary executable called -`lasso-windows-X.Y.Z.exe`, where `X.Y.Z` is the current Lasso version, which -can be downloaded from the -[EDB Website Downloads page](https://www.enterprisedb.com/software-downloads-postgres). +`lasso-windows-X.Y.Z.exe`, where `X.Y.Z` is the current Lasso version. You +can download it from the +[EDB Downloads page](https://www.enterprisedb.com/software-downloads-postgres). On Windows, Lasso doesn't require installing any dependencies, but Lasso -can only run on Windows Server 2008 R2 or newer. +can run only on Windows Server 2008 R2 or later. ## Configuration file -If you try to run Lasso without a configuration file, it will error out -with: +If you try to run Lasso without a configuration file, this error occurs: ``` ERROR: no configuration file for Lasso could be found. Please create a configuration file and try again. ``` Lasso requires a configuration file, which can be one of the following -options (it uses the first match): +options. (It uses the first match.) -1. `./edb-lasso.cfg` in the same directory where Lasso is running -2. `./edb-lasso.conf` in the same directory where Lasso is running -3. `$HOME/.edb-lasso.conf` -4. `/etc/edb-lasso.conf` +- `./edb-lasso.cfg` in the same directory where Lasso is running +- `./edb-lasso.conf` in the same directory where Lasso is running +- `$HOME/.edb-lasso.conf` +- `/etc/edb-lasso.conf` -The minimum configuration file should look like this: +The minimum configuration file looks like this: ``` [customer] @@ -89,16 +88,16 @@ id=XXXXX token=YYYYYYYYY ``` -Replacing the `id` and `token` above with the information found in your -company page in the Support Portal (in the left menu bar, click on -`Company info` then click on `Company`). The `Company code` from the page -should be filled in the `id` field in the configuration file, and the -`Token` from the page should be filled in the `token` field in the +Replace the `id` and `token` value with the information found in your +company page in the Support Portal. (In the left menu bar, select +**Company info > Company**.) Enter the **Company code** value from this page +in the `id` field in the configuration file. Enter the +**Token** value in the `token` field in the configuration file. !!! Important -A configuration file for Lasso is mandatory, at least -with the customer id and token. +A configuration file for Lasso is mandatory and must contain at least +the customer id and token. !!! For more details about the Lasso configuration, see @@ -108,27 +107,27 @@ For more details about the Lasso configuration, see ## Executing Lasso After installing Lasso and creating an appropriate configuration file, -then a standard Lasso execution on Linux consists of simply: +a standard Lasso execution on Linux is: ``` lasso ``` -On Windows, in order to run Lasso, you need to do the following: +On Windows, to run Lasso, you need to do the following: -1. In the Start Menu, search for "cmd"; -2. Right-click the "Command Prompt" and choose "Run as administrator"; -3. If Windows asks whether you allow "Command Prompt" to do changes in the system, click "Yes"; -4. Inside the "Command Prompt", `cd` to the directory where the Lasso `.exe` file is located; -4. Execute the command "lasso-windows-X.Y.Z.exe", where `X.Y.Z` is the Lasso version: +1. In the **Start** menu search field, enter `cmd`. +2. On the **Start** menu, right-click **Command Prompt** and select **Run as administrator**. +3. If Windows prompts you to allow Command Prompt to make changes in the system, select **Yes**. +4. At the Command Prompt, `cd` to the directory where the Lasso `.exe` file is located. +4. Execute the command `lasso-windows-X.Y.Z.exe`, where `X.Y.Z` is the Lasso version. ``` lasso-windows-X.Y.Z.exe -H IP_ADDRESS -p PORT --password PASSWORD DATABASE_NAME USER_NAME ``` -Alternatively, if you fill the settings under the `postgresql` section +Alternatively, if you fill in the settings under the `postgresql` section in the configuration file telling Lasso how to connect to Postgres, then -you can execute Lasso from the Windows explorer by right-clicking on the -`.exe` file, then choosing `Run as administrator`. +you can execute Lasso from the Windows Explorer. Right-click the +`.exe` file, and then select **Run as administrator**. For more details on the many Lasso options, see [Usage](usage). diff --git a/product_docs/docs/lasso/4/release-notes.mdx b/product_docs/docs/lasso/4/release-notes.mdx index cd23d4d9229..c4342ea117b 100644 --- a/product_docs/docs/lasso/4/release-notes.mdx +++ b/product_docs/docs/lasso/4/release-notes.mdx @@ -2,200 +2,205 @@ title: Release notes --- -## Lasso - Version 4.12.0 (2024-01-09) +## Lasso - Version 4.12.0 -### New Features +Released: 09 Jan 2024 -- New file postgresql/conns_per_second.out, which shows the current rate of new connections established to the database during an observation period of 3 seconds (DC-892). -- New file postgresql/running_activity_maxage.out, which shows the age of the oldest running backend, transaction and query in the database (DC-893). +Lasso Version 4.12.0 includes the following enhancements and bug fixes: -### Bug Fixes - -- Fixed an issue where extremely large data files were allowed to be included in the Lasso report, in some situations causing elevated memory usage. Now by default any data file larger than 500 MB is discarded (configurable with a new command line argument --local-size-limit) with a corresponding entry in the new contents.data file (RT100724, DC-944). -- Fixed an issue where Lasso RPM packages were marked as obsolete, even if they were the latest version (RT100304, DC-899). -- Fixed an issue where the Lasso lock file was not being deleted at the end of the execution (DC-894). - -### Deprecation Notice +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Now produces file postgresql/conns_per_second.out, which shows the current rate of new connections established to the database during an observation period of 3 seconds. | DC-892 | +| Feature | Now produces file postgresql/running_activity_maxage.out, which shows the age of the oldest running backend, transaction and query in the database. | DC-893 | +| Bug fix | Fixed an issue where extremely large data files were allowed to be included in the Lasso report, in some situations causing elevated memory usage. Now by default any data file larger than 500 MB is discarded (configurable with a new command line argument `--local-size-limit`) with a corresponding entry in the new contents.data file. | RT100724, DC-944 | +| Bug fix | Fixed an issue where Lasso RPM packages were marked as obsolete, even if they were the latest version. | RT100304, DC-899 | +| Bug fix | Fixed an issue where the Lasso lock file was not being deleted at the end of the execution. | DC-894 | +!!! Important Deprecation Notice - PostgreSQL 11 is now EOL and considered deprecated (DC-945). +!!! +## Lasso - Version 4.11.0 -## Lasso - Version 4.11.0 (2023-12-14) - -### New features - -- Implement EPAS and 2ndQPG flavour detection (DC-875) -- Gathering EPAS Catalog - Views related to partitioned tables in Oracle syntax (DC-266) -- Support for PostgreSQL 16 (DC-887) -- Add support for RHEL9 (DC-802, DC-803) - -### Bug fix - -- Fix situation when `ls pg_data` command takes much time to complete (when number of files is extremely large). Adding -a default `timeout` of `120s` for this cases. (DC-845) - - -## Lasso - Version 4.10.0 (2023-11-07) - -### New features - -- Implement a new feature (filelock) to not rely on an EPEL dependency (DC-863) - -### Deprecation notes - -- Deprecate Ubuntu Bionic (18.04) as it is EOL since June 2023 (DC-877) - - -## Lasso - Version 4.9.0 (2023-10-17) - -### New features - -- Include the limits for the postmaster process (DC-162) -- Add progress reporting views (DC-170) -- Add waits profiling via pg_stat_activity (DC-841) - -### Bug fix - -- Fix issue related to the report filename when the hostname is a socket path (DC-769) -- Fix issue for the SET ROLE syntax (DC-842) -- Fix issue on Hostname from config file (DC-864) - - -## Lasso - Version 4.8.0 (2023-07-06) - -### New features +Released: 14 Dec 2023 -- Add support for PGD Proxy: - - New option `--pgd-proxy-configuration` for custom installations of pgd-proxy (Default: - `/etc/edb/pgd-proxy/pgd-proxy-config.yml`) (DC-696); - - Collect the contents of the PGD Proxy configuration file (DC-697); - - Collect the output of systemctl status pgd-proxy (DC-698). - - Collect the output of systemctl cat pgd-proxy (DC-699). +Lasso Version 4.11.0 includes the following enhancements and bug fixes: +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Implemented EDB Postgres Advanced Server and 2ndQPG flavor detection. | DC-875 | +| Feature | Now gathering EDB Postgres Advanced Server Catalog - Views related to partitioned tables in Oracle syntax. | (DC-266) | +| Feature | Added support for PostgreSQL 16. | DC-887 | +| Feature | Added support for RHEL9. | DC-802, DC-803 | +| Bug fix | Fixed situation when `ls pg_data` command takes much time to complete with extremely large number of files. Added a default `timeout` of `120s` for this case. | DC-845 | -## Lasso - Version 4.7.0 (2023-06-01) +## Lasso - Version 4.10.0 -### New features +Released: 07 Nov 2023 -- Collect output of `systemd-detect-virt` (DC-76); -- Collect the output of `lsmod` (DC-197); -- Collect the content of `harp.cluster.init.yml` (DC-628). +Lasso Version 4.10.0 includes the following enhancements and bug fixes: -### Security fixes +!!! Deprecation + Deprecated Ubuntu Bionic (18.04) as it is EOL since June 2023. (DC-877) -- Redaction of password for Lasso with `--password` seen in `ps` and `top` outputs (DC-627). +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Implemented a feature (filelock) to not rely on an EPEL dependency. | DC-863 | -### Other bug fixes +## Lasso - Version 4.9.0 -- Fix a bug where it wasn't possible to run `lasso --help` without a configuration file (DC-490). +Released: 17 Oct 2023 +Lasso Version 4.9.0 includes the following enhancements and bug fixes: -## Lasso - Version 4.6.0 (2022-12-06) +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Added limits for the postmaster process. | DC-162 | +| Feature | Added progress reporting views. | (DC-170) | +| Feature | Added waits profiling by way of `pg_stat_activity`. | DC-841 | +| Bug fix | Fixed issue related to the report filename when the hostname is a socket path. | DC-769 | +| Bug fix | Fixed issue for the SET ROLE syntax. | DC-842 | +| Bug fix | Fixed issue on hostname from config file. | DC-864 | -### New feature +## Lasso - Version 4.8.0 -- Lasso packages open to all customers through EnterpriseDB repository (https://www.enterprisedb.com/repos) (DC-443) +Released: 06 Jul 2023 -### Improvements +Lasso Version 4.8.0 includes the following enhancements and bug fixes: -- Updated the [main Lasso Knowledge Base article](https://techsupport.enterprisedb.com/kb/a/support-lasso/) to reflect the installation from packages and the configuration file (KB-54) +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Added support for PGD Proxy. +| Feature | PGD Proxy support: Added new option `--pgd-proxy-configuration` for custom installations of pgd-proxy (Default: `/etc/edb/pgd-proxy/pgd-proxy-config.yml`). | DC-696 | +| Feature | PGD Proxy support: Now collect the contents of the PGD Proxy configuration file. | DC-697 | +| Feature | PGD Proxy support: Now collect the output of `systemctl status pgd-proxy`. | DC-698 | +| Feature | PGD Proxy support: Now collect the output of `systemctl cat pgd-proxy`. | DC-699 | -### Bug fix +## Lasso - Version 4.7.0 -- Improve Debian/Ubuntu packages to comply with the Lintian (DC-435) +Released: 01 Jun 2023 +Lasso Version 4.7.0 includes the following enhancements and bug fixes: -## Lasso - Version 4.5.0 (2022-11-15) +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Now collect output of `systemd-detect-virt`. | DC-76 | +| Feature | Now collect the output of `lsmod`. | DC-197 | +| Feature | Now collect the content of `harp.cluster.init.yml` | DC-628 | +| Security fix | Redacted password for Lasso with `--password` seen in `ps` and `top` outputs. | DC-627 | +| Bug fix | Fixed a bug whereby it wasn't possible to run `lasso --help` without a configuration file. | DC-490 | -### Improvements -- Support for PostgreSQL 15 (DC-428) -- Improved execution on situations where there is a short timeout or when Lasso is executed on the standby (DC-169). +## Lasso - Version 4.6.0 +Released: 06 Dec 2022 -## Lasso - Version 4.4.0 (2022-09-22) +Lasso Version 4.6.0 includes the following enhancements and bug fixes: -### Improvements +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Lasso packages are now open to all customers through EDB repository (https://www.enterprisedb.com/repos). | DC-443 | +| Enhancement | Updated the [main Lasso Knowledge Base article](https://techsupport.enterprisedb.com/kb/a/support-lasso/) to reflect the installation from packages and the configuration file. | KB-54 | +| Bug fix | Improved Debian/Ubuntu packages to comply with the Lintian. | DC-435 | -- Collect output of `pg_shmem_allocations` in PG >= 13 (DC-195) -- Document options for `edb-lasso.conf` (DC-308) +## Lasso - Version 4.5.0 +Released: 15 Nov 2022 -## Lasso - Version 4.3.0 (2022-08-25) +Lasso Version 4.5.0 includes the following enhancements and bug fixes: -### Improvements +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Enhancement | Added support for PostgreSQL 15. | DC-428 | +| Enhancement | Improved execution on situations where there is a short timeout or when Lasso is executed on the standby. | DC-169 | -- Lasso support for `etcd` (DC-367, DC-371, DC-370, DC-369, DC-368) +## Lasso - Version 4.4.0 -### Bug +Released: 22 Sep 2022 -- Gather databases and tablespaces sizes regardless of `CONNECT` privilege (DC-325) +Lasso Version 4.4.0 includes the following enhancements and bug fixes: +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Enhancement | Now collect output of `pg_shmem_allocations` in Postgres version 13 and later. | DC-195 | +| Enhancement | Documented options for `edb-lasso.conf`. | DC-308 | -## Lasso - Version 4.2.0 (2022-05-18) +## Lasso - Version 4.3.0 -### Improvements +Released: 25 Aug 2022 -- Collect systemd information for HARP (DC-331) -- Collect configuration files included in pgbouncer.ini (DC-322) -- Allow the user to specify custom paths to pgbouncer configuration files (DC-321) -- Gather etcdctl endpoint commands, if this is the consensus database (DC-309) -- Add an option to lasso to specify a different path for harp's config.yml (DC-306) -- Helper function to get harp configuration file (DC-305) -- Get harpctl outputs (DC-304) -- Get HARP config.yml (DC-303) -- Identify all the pgbouncer instances on the node (DC-157) -- Collect systemctl output for pgbouncer (DC-156) -- Collect pgbouncer.ini configuration file (DC-151) +Lasso Version 4.3.0 includes the following enhancements and bug fixes: -### Other changes +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Enhancement | Added support for `etcd`. | DC-367, DC-371, DC-370, DC-369, DC-368 | +| Bug fix | Fixed a bug and now gather databases and tablespaces sizes regardless of `CONNECT` privilege. | DC-325 | -- Fix SLES smoke tests which are failing (DC-349) -- Add support for Ubuntu 22.04 (DC-284) +## Lasso - Version 4.2.0 -### Bug +Released: 18 May 2022 -- Redact sslpassword (DC-348) +Lasso Version 4.2.0 includes the following enhancements and bug fixes: +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Enhancement | Now collect systemd information for HARP. | DC-331 | +| Enhancement | Now collect configuration files included in `pgbouncer.ini`. | DC-322 | +| Enhancement | Added support to allow the user to specify custom paths to pgbouncer configuration files. | DC-321 | +| Enhancement | Now gather etcdctl endpoint commands, if this is the consensus database. | DC-309 | +| Enhancement | Added lasso option to specify a different path for harp's `config.yml`. | DC-306 | +| Enhancement | Added helper function to get harp configuration file. | DC-305 | +| Enhancement | Added ability to get harpctl outputs. | DC-304 | +| Enhancement | Added ability to get HARP `config.yml`. | DC-303 | +| Enhancement | Added ability to identify all the pgbouncer instances on the node. | DC-157 | +| Enhancement | Now collect systemctl output for pgbouncer. | DC-156 | +| Enhancement | Now collect `pgbouncer.ini` configuration file. | DC-151 | +| Other | Fixed SLES smoke tests that are failing. | DC-349 | +| Other | Added support for Ubuntu 22.04. | DC-284 | +| Bug fix | Now redact sslpassword. | DC-348 | -## Lasso - Version 4.1.1 (2022-05-10) -### Bug +## Lasso - Version 4.1.1 -- Remove the psycopg2-binary warning from the bundle execution +Released: 10 May 2022 +Lasso Version 4.1.1 includes the following enhancements and bug fixes: -## Lasso - Version 4.1.0 (2022-05-03) +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Bug fix | Removed the psycopg2-binary warning from the bundle execution. | | -### Improvements -- Build PPC64le Lasso bundle (DC-276) -- Add `.exe` extension to Windows artifacts (DC-285) +## Lasso - Version 4.1.0 -### Other changes +Released: 03 May 2022 -- Add smoke tests for Almalinux 8 (x86_64) (DC-294) -- Add smoke tests for RHEL (x86_64 and PPC64le) (DC-295) -- Add smoke tests for SLES 12 (x86_64 and PPC64le) (DC-296) -- Add smoke tests for SLES 15 (x86_64 and PPC64le) (DC-297) +Lasso Version 4.1.0 includes the following enhancements and bug fixes: -### Bug +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Enhancement | Built PPC64le Lasso bundle. | DC-276 | +| Enhancement | Added `.exe` extension to Windows artifacts. | DC-285 | +| Other | Added smoke tests for Almalinux 8 (x86_64). | DC-294 | +| Other | Added smoke tests for RHEL (x86_64 and PPC64le). | DC-295 | +| Other | Added smoke tests for SLES 12 (x86_64 and PPC64le). | DC-296 | +| Other | Added smoke tests for SLES 15 (x86_64 and PPC64le). | DC-297 | +| Bug fix | Lasso now uses MD5 hashing of tarball in FIPS enable systems. | DC-310 | -- Lasso was unable to use MD5 hashing of tarball in FIPS enable systems (DC-310) +## Lasso - Version 4.0.0 -## Lasso - Version 4.0.0 (2022-03-30) +Released: 30 Mar 2022 -### Features +Lasso Version 4.0.0 includes the following enhancements and bug fixes: -- Rebranding of Data Collector to Lasso, the diagnostic tool from EDB - - Update of Copyright notes (DC-239) - - Update license on all files (DC-228) - - Change the name of the bundle to reflect the new brand of the tool (DC-208) - - The generated output tarball now has the new brand and is identified with EDB (DC-49) - - The connection Lasso creates to the database now sets the `application_name` - to `edb-lasso` to identify the process Lasso is running (DC-222) - - Update the documentation to reflect the new brand name (DC-184) -- Add a report that gathers output from `pg_replication_origin_status` to help with -logical replication diagnostics (this includes native logical replication and others like -BDR or xDB) (DC-232) +| Type | Description | Addresses | +|----------------|-------------|-----------| +| Feature | Rebranded Data Collector to Lasso, the diagnostic tool from EDB.| | +| Feature | Rebranding: Updated copyright notes. | DC-239 | +| Feature | Rebranding: Updated license on all files. | DC-228 | +| Feature | Rebranding: Changed the name of the bundle to reflect the new brand of the tool. | DC-208 | +| Feature | Rebranding: Generated output tarball now has the new brand and is identified with EDB. |DC-49 | +| Feature | Rebranding: The connection Lasso creates to the database now sets the `application_name`to `edb-lasso` to identify the process Lasso is running. | DC-222 | +| Feature | Rebranding: Updated the documentation to reflect the new brand name. | DC-184 | +| Feature | Added a report that gathers output from `pg_replication_origin_status` to help with logical replication diagnostics. This includes native logical replication and others like BDR or xDB. | DC-232 | diff --git a/product_docs/docs/lasso/4/report-types.mdx b/product_docs/docs/lasso/4/report-types.mdx index e08bd6cdf4f..f513331fd53 100644 --- a/product_docs/docs/lasso/4/report-types.mdx +++ b/product_docs/docs/lasso/4/report-types.mdx @@ -2,14 +2,14 @@ title: Report types --- -## Local/Full PostgreSQL report +## Local/full PostgreSQL report This type of report is useful when the server has a PostgreSQL cluster -which is up, running and accessible. Besides all information that is -gathered in the system only report, it will also gather configurations +that's up, running, and accessible. In addition to all information that's +gathered in the system-only report, it also gathers configurations and metrics from the PostgreSQL instance. -For this you need to run Lasso as the `postgres` or `enterprisedb` user. +For this report, you need to run Lasso as the postgres or enterprisedb user. !!! Important The same user that runs the Postgres server process must run the command. @@ -24,24 +24,24 @@ A standard Lasso run consists of: ``` By default, Lasso tries to connect using Unix sockets, the default -Postgres port (5432), the default database and user name (`postgres`), -but you can specify different values in the command line like this: +Postgres port (5432), the default database, and the user name (postgres). +You can specify different values at the command line: ``` lasso -p PORT DATABASE_NAME USER_NAME ``` -If a password is required, Lasso will ask for a password, but you can +If a password is required, Lasso prompts for a password. Alternatively, you can specify a password using the `PGPASSWORD` environment variable: ``` PGPASSWORD=xxxx lasso -p PORT DATABASE_NAME USER_NAME ``` -By default Lasso looks for a Unix socket under `/var/run/postgresql/`, +By default, Lasso looks for a Unix socket under `/var/run/postgresql/`, but you can specify any socket listed by `SHOW unix_socket_directories` using the `-H` argument. For example, -usually a Lasso report for the EnterpriseDB Advanced Server is +usually a Lasso report for the EDB Postgres Advanced Server is gathered with: ``` @@ -61,14 +61,14 @@ run: lasso --help ``` -Postgres settings can be specified in the Lasso configuration file, -under the `postgresql` setting. For more details see +You can specify Postgres settings in the Lasso configuration file, +under the `postgresql` setting. For more details, see [Configuration](configuration). !!! Important When run on a local instance, Lasso -requires a user that belongs to the `pg_monitor` role, which is available -in Postgres 10 and later. Before 10, you must run as +requires a user that belongs to the pg_monitor role, which is available +in Postgres 10 and later. For earlier versions of Postgres, you must run as a superuser. For more information, see [Default Roles](https://www.postgresql.org/docs/current/default-roles.html) in the PostgreSQL documentation. !!! @@ -77,36 +77,36 @@ Lasso transparently gathers information related to all supported versions of EDB Postgres Distributed (PGD) and pglogical. -## Remote/Database-only PostgreSQL report +## Remote/database-only PostgreSQL report If you need to gather data from a remote PostgreSQL instance, you can run a remote PostgreSQL report. -As explained in the previous section, you can change the connection -string parameters of Lasso. For example, to gather a PostgreSQL report -from a remote server located in the IP 192.168.0.10, running on port -5433, you could invoke Lasso from another server as below: +As explained in [Local/full PostgreSQL report](#localfull-postgresql-report), you can change the +connection-string parameters of Lasso. For example, to gather a PostgreSQL report +from a remote server located in the IP 192.168.0.10 running on port +5433, you can invoke Lasso from another server as follows: ``` lasso -H 192.168.0.10 -p 5433 ``` -This type of report will bring only PostgreSQL related info from the -PostgreSQL instance that Lasso was connected to. It means it will not -be able to gather files like `postgresql.conf` and `pg_hba.conf`, nor -will it be able to gather configurations and metrics from the underlying -operational system or information from PostgreSQL related tools, like EFM -configuration files. Having that in mind, it's always preferable running a +This type of report brings only PostgreSQL-related info from the +PostgreSQL instance that Lasso was connected to. It means it can't +gather files like `postgresql.conf` and `pg_hba.conf`. It also can't +gather configurations and metrics from the underlying +operational system or information from PostgreSQL-related tools, like EFM +configuration files. With that in mind, we recommend running a local PostgreSQL report, if possible. !!! Important -This is the only option you have to gather PostgreSQL information +This is the only option for gathering PostgreSQL information from an instance hosted on a DBaaS provider such as EDB Big Animal or Amazon RDS. !!! !!! Important -This is the only option you have to gather PostgreSQL information +This is the only option for gathering PostgreSQL information from an instance running under Kubernetes. !!! @@ -121,15 +121,15 @@ that helps during analysis. You must run the command as the same user that runs the Barman process, and you must have enough permission to write in the current working directory. If you installed Barman using RPM/DEB packages, -Barman is configured to run as the `barman` user. +Barman is configured to run as the barman user. !!! -The Barman report is enabled by default if Lasso runs as the `barman` user +The Barman report is enabled by default if Lasso runs as the barman user and looks for configuration files in the expected locations, typically -`/etc/barman.conf`. See `man 5 barman` for details. +`/etc/barman.conf`. Execute `man 5 barman` for details. In general, if you installed Barman using EDB-certified RPM and DEB -packages, all you need to do is execute Lasso as the `barman` user. +packages, all you need to do is execute Lasso as the barman user. ### Managing custom installations of Barman @@ -141,7 +141,7 @@ by passing the `--barman` option to Lasso: ``` You can also point to a specific global configuration file by using the -`--barman-configuration` option as follows: +`--barman-configuration` option: ``` lasso --barman-configuration /opt/barman/barman.conf @@ -161,7 +161,7 @@ packages, all you need to do is execute Lasso. Lasso uses the following approach while trying to identify the repmgr configuration file. It uses the first one it finds. -1. Use the one provided through the `--repmgr-configuration` option, if given. +1. Use the one provided to the `--repmgr-configuration` option, if given. 2. Check the paths provided by packages. For example, in CentOS/RHEL packages, the configuration file is usually put under `/etc/repmgr//repmgr.conf`. Lasso inspects those folders, if they exist, in descending order, and uses the @@ -177,14 +177,14 @@ as it does in approach 2, and uses the first match. ### Managing custom installations of repmgr You can point to a specific repmgr configuration file by using the -`--repmgr-configuration` option as follows: +`--repmgr-configuration` option: ``` lasso --repmgr-configuration /opt/repmgr/repmgr.conf ``` -This approach is preferred, as it guarantees Lasso will use -the correct repmgr configuration file instead of trying to find it automatically. +We recommend this approach, as it guarantees Lasso will use +the correct repmgr configuration file instead of trying to find it. ## Postgres Enterprise Manager (PEM) report @@ -193,7 +193,7 @@ Lasso can run on systems where PEM is installed. In that case, it also gathers PEM-related information, like some configuration files and information about services. -Lasso inspects the well-known paths for configuration files, +Lasso inspects the well-known paths for configuration files as well as well-known service names. If you have custom PEM installations, Lasso doesn't gather the related information. @@ -211,7 +211,7 @@ packages, all you need to do is execute Lasso. Lasso uses the following approach while trying to identify the EFM configuration file. It uses the first one it finds. -1. Use the one provided through the `--efm-configuration` option, if given. +1. Use the one provided to the `--efm-configuration` option, if given. 2. Check the paths provided by packages. The configuration file is usually put under `/etc/edb/efm-/efm.properties`. Lasso inspects those folders, if they exist, in descending order, and uses the first EFM @@ -231,14 +231,14 @@ file that it finds. ### Managing custom installations of EFM You can point to a specific EFM configuration file by using the -`--efm-configuration` option, as follows: +`--efm-configuration` option: ``` lasso --efm-configuration /opt/EFM/efm.properties ``` -This approach is preferred, as it guarantees Lasso will use -the correct EFM configuration file instead of trying to find it automatically. +We recommend this approach, as it guarantees Lasso will use +the correct EFM configuration file instead of trying to find it. ## Replication Server (xDB) report @@ -256,7 +256,7 @@ configuration files. It uses the first one it finds. On Linux: -1. Use the ones provided through the `--xdb-pubserver-configuration` and +1. Use the ones provided to the `--xdb-pubserver-configuration` and `--xdb-subserver-configuration` options, if given. 2. Check the paths provided by xDB 7 RPM package and bitrock installer. The configuration files are usually put under `/etc/edb/xdb/etc`. Lasso @@ -271,7 +271,7 @@ from newest XDB version to oldest. On Windows: -1. Use the ones provided through `--xdb-pubserver-configuration` and +1. Use the ones provided to the `--xdb-pubserver-configuration` and `--xdb-subserver-configuration` options, if given. 2. Check the paths provided by xDB 7 packages. The configuration files are usually put under `:\Program Files\edb\EnterpriseDB-xDBReplicationServer\etc`. @@ -289,23 +289,23 @@ binary file. It uses the first one it finds. On Linux: -1. Check the paths provided by xDB 7 RPM package and bitrock installer. The +1. Check the paths provided by the xDB 7 RPM package and bitrock installer. The binary files are usually put under `/etc/edb/xdb/bin`. Lasso inspects this folder, if it exists, and uses the `edb-repcli.jar` file found under that folder. 2. Check the paths provided by the xDB 6 RPM package and bitrock installer, which are usually `/usr/ppas-xdb-/bin` and `/opt/PostgreSQL/EnterpriseDB-xDBReplicationServer/bin`, respectively. Lasso inspects these folders and, if they exist, uses the -`edb-repcli.jar` file found under the folder. In the case of RPM packages, as there +`edb-repcli.jar` file found under the folder. For RPM packages, as there can be a lot of folders, they're inspected from newest XDB version to oldest. On Windows: -1. Check the paths provided by xDB 7 packages. The binary files are usually +1. Check the paths provided by the xDB 7 packages. The binary files are usually put under `:\Program Files\edb\EnterpriseDB-xDBReplicationServer\bin`. Lasso inspects this folder, if it exists, and uses the `edb-repcli.jar` file found under that folder. -2. Check the paths provided by xDB 7 packages. The binary files are usually +2. Check the paths provided by the xDB 7 packages. The binary files are usually put under `:\Program Files\PostgreSQL\EnterpriseDB-xDBReplicationServer\bin`. Lasso inspects this folder, if it exists, and uses the `edb-repcli.jar` file found under that folder. @@ -314,7 +314,7 @@ file found under that folder. You can point to a specific xDB publication or subscription server configuration file by using the `--xdb-pubserver-configuration` and `--xdb-subserver-configuration` -options, as follows: +options. On Linux: @@ -328,8 +328,8 @@ On Windows: lasso-windows-X.Y.Z.exe --xdb-pubserver-configuration C:\\xDB\pubserver.conf --xdb-subserver-configuration C:\\xDB\subserver.conf ``` -This approach is preferred, as it guarantees Lasso will use -the correct xDB configuration files instead of trying to find it automatically. +We recommend this approach, as it guarantees Lasso will use +the correct xDB configuration files instead of trying to find it. ## PgBouncer report @@ -346,7 +346,7 @@ execute Lasso. Lasso uses the list of running processes to identify the PgBouncer processes and uses the configuration file retrieved from there. -You can also specify one or more PgBouncer configuration files through +You can also specify one or more PgBouncer configuration files with the Lasso argument `--pgbouncer-configuration`. It's mainly useful in scenarios where a PgBouncer instance isn't running or if Lasso can't detect the configuration file from the process list. @@ -367,20 +367,20 @@ packages, all you need to do is execute Lasso. Lasso uses the following approach while trying to identify the HARP configuration file. It uses the first one it finds. -1. Use the one provided through the `--harp-configuration` option, if given. +1. Use the one provided to the `--harp-configuration` option, if given. 2. Check if the `/etc/harp/config.yml` file exists. ### Managing custom installations of HARP You can point to a specific HARP configuration file by using the `--harp-configuration` -option, as follows: +option: ``` lasso --harp-configuration /opt/harp/config.yml ``` -This approach is preferred, as it guarantees Lasso will use -the correct HARP configuration file instead of trying to find it automatically. +We recommend this approach, as it guarantees Lasso will use +the correct HARP configuration file instead of trying to find it. ### Running Lasso on a HARP proxy node @@ -394,37 +394,39 @@ When using Lasso to gather information from a HARP proxy node, you must use the ## PGD Proxy report Lasso can be run on systems where PGD Proxy is installed. In that -case, it will gather PGD Proxy related information. +case, it gathers PGD Proxy-related information. -In general, if you have installed PGD Proxy using EDB certified RPM and DEB +In general, if you installed PGD Proxy using EDB-certified RPM and DEB packages, all you need to do is execute Lasso. ### How Lasso finds the PGD Proxy configuration file -Lasso will use the below approach while trying to identify the PGD Proxy -configuration file, and will use the first one which is found: +Lasso uses the following approach while trying to identify the PGD Proxy +configuration file. It uses the first one it finds. 1. Use the one provided through `--pgd-proxy-configuration` option, if given 2. Check if `/etc/edb/pgd-proxy/pgd-proxy-config.yml` file exists ### Managing custom installations of PGD Proxy -You can point to a specific PGD Proxy configuration file, by using the -`--pgd-proxy-configuration` option, as follows: +You can point to a specific PGD Proxy configuration file by using the +`--pgd-proxy-configuration` option: +``` lasso --pgd-proxy-configuration /opt/pgd-proxy/config.yml +```` -This is actually the preferred approach, as it guarantees Lasso will use +We recommend this approach, as it guarantees Lasso will use the correct PGD Proxy configuration file instead of trying to find it automatically. ### Running Lasso on a PGD Proxy node -There are cases where the PGD Proxy nodes do not have a Postgres/EPAS service running -on them, as they are only intended as a proxy for connections coming in from the +There are cases where the PGD Proxy nodes don't have a Postgres/EDB Postgres Advanced Server service running +on them. They're intended only as a proxy for connections coming in from the applications. -When using Lasso to gather information from a standalone PGD Proxy node you will have -to use the `--system-only` option so it doesn't try to connect to the database server. +When using Lasso to gather information from a standalone PGD Proxy node, you must +use the `--system-only` option so it doesn't try to connect to the database server. ## etcd report @@ -437,7 +439,7 @@ case, it gathers etcd-related information. Lasso uses the following approach while trying to identify the etcd configuration file. It uses the first one it finds. -1. Use the one provided through `--etcd-configuration` option, if given. +1. Use the one provided to the `--etcd-configuration` option, if given. 2. Check if the `/etc/etcd/etcd.conf` file exists. @@ -447,7 +449,7 @@ Lasso can also run on systems where Postgres or Barman aren't installed to gather all relevant information regarding the underlying operating system. -You can run a system-only report with the following command: +You can run a system-only report: ``` lasso --system-only @@ -455,7 +457,6 @@ You can run a system-only report with the following command: !!! Important Despite the argument being called `--system-only`, in this mode, -Lasso actually gathers information about all the aforementioned tools, -except PostgreSQL/EPAS and Barman. +Lasso gathers information about all the aforementioned tools +except PostgreSQL/EDB Postgres Advanced Server and Barman. !!! - diff --git a/product_docs/docs/lasso/4/return.mdx b/product_docs/docs/lasso/4/return.mdx index 17c8468e894..d9c00ac4084 100644 --- a/product_docs/docs/lasso/4/return.mdx +++ b/product_docs/docs/lasso/4/return.mdx @@ -2,20 +2,20 @@ title: Returning the Lasso report --- -The script produces a _TAR file_ in the same directory where you -executed Lasso, containing the gathered data: this is the -"Lasso report". +The script produces a TAR file containing the gathered data +in the directory where you executed Lasso. This file is the +Lasso report. You can also use Lasso on a server that has no Postgres installation. In that case, use the -`--system-only` option, and the _TAR file_ produced will contain only +`--system-only` option to produce a TAR file that contains only system-related information. -Unless you are running Lasso on an isolated network system, without -external access to EnterpriseDB's infrastructure, you can upload the +Unless you're running Lasso on an isolated network system, without +external access to EDB's infrastructure, you can upload the produced tarball directly through Lasso using the `--upload` option. For more information, see [Servers accepting upload of reports](appendix-a). Alternatively, you can attach the report to a specific support ticket -through the Portal or use the **Support operations > Upload report** menu +through the Portal. Or, use the **Support operations > Upload report** menu from your company's page. diff --git a/product_docs/docs/lasso/4/security.mdx b/product_docs/docs/lasso/4/security.mdx index ca960492370..672d76d94dd 100644 --- a/product_docs/docs/lasso/4/security.mdx +++ b/product_docs/docs/lasso/4/security.mdx @@ -8,28 +8,28 @@ has enough privileges to gather the required information from the tool from whic The following are the tools and the roles that Lasso tries to use for each of them. Lasso tries to use the first available role in each tool role list. *Initial connection role* means the role that was provided through Lasso CLI when running the -tool—usually `postgres` or `enterprisedb`. +tool—usually postgres or enterprisedb. - PostgreSQL: - - `pg_monitor` - - initial connection role + - pg_monitor + - Initial connection role - PgLogical: - - `pglogical_superuser` - - initial connection role + - pglogical_superuser + - Initial connection role - PGD: - - `bdr_monitor` - - initial connection role + - bdr_monitor + - Initial connection role - PEM: - - `pem_user` - - initial connection role + - pem_user + - Initial connection role - Repmgr: - - initial connection role + - Initial connection role - xDB: - - initial connection role + - Initial connection role -Most of the PGD gatherings try using the `bdr_monitor` role. However, one of -them, which is in charge of gathering conflicts, tries to use the role -`bdr_read_all_conflicts` for that purpose. That's the only exception. +Most of the PGD gatherings try using the bdr_monitor role. However, the one in +charge of gathering conflicts tries to use the role +bdr_read_all_conflicts for that purpose. That's the only exception. In any of the cases, it uses a read-only transaction while querying metrics and configurations from the database. diff --git a/product_docs/docs/lasso/4/usage.mdx b/product_docs/docs/lasso/4/usage.mdx index 99dba37c3a1..7794bf2dcca 100644 --- a/product_docs/docs/lasso/4/usage.mdx +++ b/product_docs/docs/lasso/4/usage.mdx @@ -7,7 +7,7 @@ Postgres connection parameters. You can find the list of the environment variables in the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/libpq-envars.html). -The connection parameters, among other options, can also be passed as command +You can also pass the connection parameters, among other options, as command line arguments: ``` @@ -99,5 +99,5 @@ optional arguments: version and 1 otherwise ``` -You can see more details about how each of these arguments are used in the -[Lasso report types page](report-types). +For details about how to use each of these arguments, see +[Report types](report-types).