Skip to content

Troubleshooting

Anytime you experience an error within SecureCloudDB you can view errors directly in your Dashboard.

Viewing Errors in Your Dashboard

  1. In your Dashboard you can view any recent system errors by clicking the exclamation icon in the top right corner.

  2. Clicking on an error message will take you to the Discovery Logs for the specific error. This is where you can see the following information:

    • Error: The type of error the system is experiencing.
    • Time: The date and time the error occurred.
    • Message: A description of the error.
    • Related Database: The specific database the error is related to.
    • Tags: Any tags that apply to the database.

Note

Any log item listed as Info is only for informational purposes and does not apply as an error.

Asset Discovery Errors

Asset Discovery Errors can occur if SecureCloudDB is not able to perform a full scan of your database environment. This may be due to connectivity issues between SecureCloudDB and your database connection or issues with connection to the control plane.

  1. To view an error associated with an Asset Discovery you'll want to click into the specific configuration for more details.

  2. Once you're in the configuration you can click on More scan error details to go to the Discovery Log to view specific errors.

Database Connection Failures

Connection failure to the database occurs when SecureCloudDB is not able to access a specific database within your environment. If you see an error you'll want to review your Database Access Configuration.

Dataplane Connection Failure

Connection to the database failed when trying to authenticate. You'll want to check if you set up database access properly.

No Known Data Access Config

A Database Access Configuration doesn't exist for a database and SecureCloudDB can't connect to retrieve database settings, etc. Please review your database access to resolve.

Control Plane Connection Failures

Connection failure to the control plane occurs when SecureCloudDB is not able to authenticate with your AWS instance. If this error occurs you'll want to check the AWS authentication information you've entered and ensure it's correct.

Note

When entering your AWS Account ID it must be a valid 12 digit account number for your AWS configuration.

IAM User Troubleshooting

When setting up an IAM User you'll want to ensure the following items are configured correctly:

  • Access type: You'll either select Programatic access which will enable an access key ID and secret acecss key or AWS Management Console acess which will enable a password for sign-in.
  • Read-only permission to the user being setup for each service.
  • Permissions boundary (optional): If you choose to setup permissions boundary please review AWS Documentation to ensure it's properly setup.
  • Access Key ID and Secret Access Key: Ensure that you entered both values correctly in the authentication configuration.

IAM Role Troubleshooting

When setting up an IAM Role you'll want to ensure the following items are configured correctly:

  • External ID: Ensure you are entering the correct external ID in the role creation wizard.
  • Permissions: If you are not able to access a specific service this may be due to a permission setting during role setup. Please review any permissions set during role setup.
  • Acknowledgement: When creating your IAM Role you'll need to check the AWS CloudFormation acknowledgement at the bottom of the form.

Agent Setup Troubleshooting

When deploying an Agent into your AWS Account you'll want to ensure the following items are configured correctly:

  • VPC ID and Subnet ID(s): Make sure to select the VPC that your databases are on. If you don't know which it is, you can navigate to the DB console and click on the database and it will show the VPC it resides on.
  • SecureCloudDB DB Scan Refs. and Agent Credentials: Ensure you are pasting the contents of the entire JSON file you downloaded when creating the Agent Deployment Template.
  • Acknowledgements: When deploying your Agent you'll need to check the AWS CloudFormation acknowledgements at the bottom of the form.

Databases Agent Status

Once your databases have been configured for activity monitoring each database will have a collection status. The following statuses can apply to a status:

  • Collecting: This means the SecureCloudDB Agent is monitoring and collecting information on activity associated with a specific database.
  • Not Collecting: This means the SecureCloudDB Agent is not currently collecting any activity associated with a specfici databse. This can happen when a database has no data.
  • Collection Errors: This means that the SecureCloudDB Agent is experiencing issues while monitoring a specific database.

Organization Not Authorized

If you are not authorized to access an organization you will need to request to be added as a member from the owner of that organization.