The DB Console provides details about your cluster and database configuration, and helps you optimize cluster performance.

DB Console areas

Area Description
Cluster Overview Essential metrics about the cluster and nodes, including liveness status, replication status, uptime, and hardware usage.
Node Map Geographical configuration of your cluster and metrics at the locality and node levels, visualized on a map.
Overview Dashboard Metrics about SQL performance, replication, and storage.
Hardware Dashboard Metrics about CPU usage, disk throughput, network traffic, storage capacity, and memory.
Runtime Dashboard Metrics about node count, CPU time, and memory usage.
SQL Dashboard Metrics about SQL connections, byte traffic, queries, transactions, and service latency.
Storage Dashboard Metrics about storage capacity and file descriptors.
Replication Dashboard Metrics about how data is replicated across the cluster, e.g., range status, replicas per store, and replica quiescence.
Changefeeds Dashboard Metrics about the changefeeds created across your cluster.
Databases Details about the system and user databases in the cluster.
Sessions New in v20.2: Details about open sessions in the cluster.
Statements Frequently executed and high latency SQL statements, with the option to collect statement diagnostics.
Transactions New in v20.2: Details about transactions running on the cluster.
Network Latency Latencies and lost connections between all nodes in your cluster.
Jobs Details of jobs running in the cluster.
Advanced Debug Advanced monitoring and troubleshooting reports. These include details about data distribution, the state of specific queues, and slow query metrics. These details are largely intended for use by CockroachDB developers.

DB Console access

The DB Console is accessible from every node at http://<host>:<http-port>, or http://<host>:8080 by default.

  • If you included the --http-addr flag when starting nodes, use the IP address/hostname and port specified by that flag.
  • If you didn't include the --http-addr flag when starting nodes, use the IP address/hostname specified by the --listen-addr flag and port 8080.
  • If you are running a secure cluster, use https instead of http. You will also need to create a user with a password to log in.
Tip:

For guidance on accessing the DB Console in the context of cluster deployment, see Start a Local Cluster and Manual Deployment.

DB Console security

On insecure clusters, all areas of the DB Console are accessible to all users.

On secure clusters, for each user who should have access to the DB Console, you must create a user with a password and optionally grant the user membership to the admin role.

Note:

The default root user is a member of the admin role. Use the following command to grant users membership to the admin role:

GRANT admin TO <sql_user>;

For security reasons, non-admin users access only the data over which they have privileges (e.g., their tables, jobs, and list of sessions), and data that does not require privileges (e.g., cluster health, node status, metrics).

The following areas of the DB Console can only be accessed by admin users. These areas display information from privileged HTTP endpoints that operate with admin privilege.

Secure area Privileged information
Node Map Database and table names
Databases Stored table data
Statements SQL statements
Advanced Debug (some reports) Stored table data, operational details, internal IP addresses, names, credentials, application data (depending on report)
Note:

By default, the DB Console shares anonymous usage details with Cockroach Labs. For information about the details shared and how to opt-out of reporting, see Diagnostics Reporting.

See also



YesYes NoNo