As part of AimBetter’s Zero Trust policy, our agent access is restricted to the Data layer architecture level only, having no access to the content of the database tables data.
Another important security factor is that the AimBetter Agent has read-only permissions and all information collected is immediately transferred over fully secured/ encrypted channels into the central data center, not being stored onsite in the customer domain.
For each environment, we provide clear instructions regarding the process of creating a monitoring user for the AimBetter Agent with minimal permissions, as follows:
- Windows OS user
- Linux OS user
- MSSQL on-prem/ Azure SQL Managed instance user
- Oracle on-prem user
- Amazon RDS login
- Amazon RDS Oracle user
We highly value transparency and for this end, we list all the resources to which the AimBetter Agent needs access.
WMI
Win32_PerfRawData_PerfProc_Process
Win32_Process
Win32_NTLogEvent
Win32_PerfRawData_PerfOS_System
Win32_LogicalDisk
Win32_PerfRawData_PerfDisk_LogicalDisk
Win32_OperatingSystem
Win32_PerfRawData_PerfOS_Memory
Win32_NetworkAdapterConfiguration
Win32_NetworkAdapter
Win32_PerfRawData_Tcpip_NetworkInterface
Win32_PageFileUsage
Win32_PageFil
Win32_Servic
Win32_TimeZone
Win32_UTCTime
Win32_ComputerSystem
Win32_Processor
Win32_PerfRawData_PerfOS_Processor
cat /etc/os-release
swapon
date
top -bn1
uptime
systemctl
vmstat
iostat
df
ps
cat /proc/net/dev
cat /sys/class/net/
lspci
availability_groups
database_file
database_mirroring
Databases
dm_db_index_usage_stats
dm_db_missing_index_details
dm_db_missing_index_group_stats
dm_db_missing_index_groups
dm_db_partition_stats
dm_db_task_space_usage
dm_exec_cached_plans
dm_exec_function_stats
dm_exec_procedure_stats
dm_exec_query_stats
dm_exec_requests
dm_exec_sessions
dm_hadr_availability_group_states
dm_hadr_availability_replica_states
dm_hadr_database_replica_states
dm_os_buffer_descriptors
dm_os_cluster_nodes
dm_os_performance_counters
dm_os_ring_buffers
dm_os_schedulers
dm_os_sys_info
dm_os_wait_stats
dm_os_waitingtasks
dm_tran_dataase_transactions
dm_tran_sesion_transactions
dm_xe_sesson_targets
dm_xe_sessions
Events
Indexes
master_files
Objects
Parameter
Partitions
Procedures
Schemas
Stats
Sysindees
Syslogins
Sysobjects
Sysperfinfo
Sysprocesses
gv$session
v$session
gv$transaction
v$transaction
gv$sort_usage
v$sort_usage
V$PARAMETER
GV$PARAMETER
gv$px_session
v$px_session
v$SQL_PLAN
G$SQL_PLAN
gv$sql
v$sql
gv$sqlstats
v$sqlstats
v$instance
gv$instance
dba_objects
gv$sqlcommand
v$sqlcommand
gv$sesstat
v$sesstat
gv$sysstat
v$sysstat
gv$statname
v$statname
V$SYSTEM_EVENT
GV$SYSTEM_EVENT
V$SYS_TIME_MODEL
GV$SYS_TIME_MODEL
v$diag_alert_ext
DBA_SCHEDULER_JOB_RUN_DETAILS
DBA_JOBS
DBA_SCHEDULER_RUNNING_JOBS
dba_jobs_running
v$version
gv$version
v$database
gv$database
v$nls_parameters
gv$nls_parameters
GV$ARCHIVE_DEST
V$ARCHIVE_DEST
v$log_history
gv$log_history
dba_indexes
dba_tables
dba_lobs
dba_segments
dba_undo_extents
dba_data_files
dba_temp_files
GV$TEMP_SPACE_HEADER
V$TEMP_SPACE_HEADER
DBA_FREE_SPACE
