The DB Console provides details about your cluster and database configuration, and helps you optimize cluster performance.
DB Console areas
Area | Description |
---|---|
Cluster Overview | Essential metrics about the cluster and nodes, including liveness status, replication status, uptime, and hardware usage. |
Node Map | Geographical configuration of your cluster and metrics at the locality and node levels, visualized on a map. |
Overview Dashboard | Metrics about SQL performance, replication, and storage. |
Hardware Dashboard | Metrics about CPU usage, disk throughput, network traffic, storage capacity, and memory. |
Runtime Dashboard | Metrics about node count, CPU time, and memory usage. |
SQL Dashboard | Metrics about SQL connections, byte traffic, queries, transactions, and service latency. |
Storage Dashboard | Metrics about storage capacity and file descriptors. |
Replication Dashboard | Metrics about how data is replicated across the cluster, e.g., range status, replicas per store, and replica quiescence. |
Changefeeds Dashboard | Metrics about the changefeeds created across your cluster. |
Databases | Details about the system and user databases in the cluster. |
Sessions | Details about open sessions in the cluster. |
Statements | Frequently executed and high latency SQL statements, with the option to collect statement diagnostics. |
Transactions | Details about transactions running on the cluster. |
Network Latency | Latencies and lost connections between all nodes in your cluster. |
Jobs | Details of jobs running in the cluster. |
Advanced Debug | Advanced monitoring and troubleshooting reports. These include details about data distribution, the state of specific queues, and slow query metrics. These details are largely intended for use by CockroachDB developers. |
DB Console access
The DB Console is accessible from every node at http://<host>:<http-port>
, or http://<host>:8080
by default.
- If you included the
--http-addr
flag when starting nodes, use the IP address/hostname and port specified by that flag. - If you didn't include the
--http-addr
flag when starting nodes, use the IP address/hostname specified by the--listen-addr
flag and port8080
. - If you are running a secure cluster, use
https
instead ofhttp
. You will also need to create a user with a password to log in.
For guidance on accessing the DB Console in the context of cluster deployment, see Start a Local Cluster and Manual Deployment.
DB Console security
On insecure clusters, all areas of the DB Console are accessible to all users.
On secure clusters, for each user who should have access to the DB Console, you must create a user with a password and optionally grant the user membership to the admin
role.
The default root
user is a member of the admin
role. Use the following command to grant users membership to the admin
role:
GRANT admin TO <sql_user>;
For security reasons, non-admin users access only the data over which they have privileges (e.g., their tables, jobs, and list of sessions), and data that does not require privileges (e.g., cluster health, node status, metrics).
The following areas of the DB Console can only be accessed by admin
users. These areas display information from privileged HTTP endpoints that operate with admin
privilege.
Secure area | Privileged information |
---|---|
Node Map | Database and table names |
Databases | Stored table data |
Statements | SQL statements |
Advanced Debug (some reports) | Stored table data, operational details, internal IP addresses, names, credentials, application data (depending on report) |
By default, the DB Console shares anonymous usage details with Cockroach Labs. For information about the details shared and how to opt-out of reporting, see Diagnostics Reporting.