Documentation forDatabase Performance Analyzer

DPA 2022.3 release notes

Release date: July 12, 2022

These release notes were updated on July 25, 2022.

These release notes describe the new features, improvements, and fixed issues in Database Performance Analyzer 2022.3. They also provide information about upgrades and describe workarounds for known issues.

Learn more

New features and improvements in DPA

Return to top

DPA 2022.3 offers new features and improvements compared to previous releases of DPA.

Changes to monitored database instances

DPA 2022.3 adds support for monitoring the following database instances: 

  • Azure Database for PostgreSQL - Flexible Server 11, 12, 13
  • Azure Database for MySQL - Single Server 5.7, 8
  • Azure Database for MySQL - Flexible Server 5.7
  • Azure Database for MariaDB 10.2, 10.3

For information about end of support for monitored database instances, see End of support.

Index advisors

DPA 2022.3 identifies missing indexes that could improve the performance of specific queries. When DPA detects a missing index, it creates a recommendation called an index advisor. Index advisors are available for Oracle and SQL Server database instances.

In the summary view, each index advisor lists:

  • The table and table columns to be indexed.
  • The number of queries whose performance resulted in this index recommendation.
  • The total wait time for all query executions during the selected time period.
  • The estimated reduction in wait time as an amount and a percentage. This estimate is based on plan cost and step cost values.

When you display details, DPA shows the command to create the suggested index and information about the query or queries whose performance resulted in this index recommendation.

For more information, see View index recommendations.

SAML authentication

You can configure DPA 2022.3 for SAML authentication and single sign-on with credentials stored in Okta.

For more information, see Configure DPA to use SAML authentication.

New PostgreSQL alerts

The following alerts are available for PostgreSQL database instances:

Alert type Description
PostgreSQL Last Analyze If the PostgreSQL autovacuum process is disabled, it does not automatically trigger an analyze operation to update statistics. Therefore, the analyze operation must be manually run. This alert warns you if the time period since the last manually run analyze operation exceeds a threshold.
PostgreSQL Last Auto Analyze The PostgreSQL autovacuum process can automatically trigger an analyze operation, which updates the statistics used to determine query plans. This alert warns you if the time period since the last automatically triggered analyze operation exceeds a threshold.
PostgreSQL Last Vacuum If the PostgreSQL autovacuum process is disabled, it does not run automatically to remove dead tuples (outdated versions of rows that are no longer needed). Therefore, the vacuum operation must be manually run. This alert warns you if the time period since the last manual vacuum operation exceeds a threshold.
PostgreSQL Last AutoVacuum The PostgreSQL autovacuum process runs automatically to remove dead tuples (outdated versions of rows that are no longer needed). This alert warns you if the time period since the last automatically run autovacuum exceeds a threshold.
PostgreSQL Long Running Vacuum This alert notifies you when a vacuum operation runs for longer than the specified threshold.
PostgreSQL Long Running Query This alert notifies you when any query other than the autovacuum process runs for longer than the specified threshold. Long-running queries can affect overall database performance and might be the result of a stuck background process.
PostgreSQL Dead Tuple This alert monitors the row count or percentage of dead tuples in the database instance. A high percentage can indicate that the PostgreSQL vacuuming process is not healthy. A dead tuple is an outdated version of a row that was updated or deleted. It is no longer needed by any transaction, and the vacuuming process should remove it so the space can be used for new rows.
PostgreSQL Total Idle in Transaction Connections Each PostgreSQL instance has a maximum number of connections (max_connections in pg_settings). This alert warns you when a high percentage of the available connections are “idle in transaction”, meaning that an application or query started a transaction but the transaction is now idle, possibly waiting on something else.
PostgreSQL Total Connections Each PostgreSQL instance has a maximum number of connections (max_connections in pg_settings). This alert warns you when a high percentage of the available connections are in use. It includes connections in all states.
PostgreSQL User Role Expiry This alert notifies you when a user role will expire within the specified number of days or has already expired.

API endpoints to manage encryption

The DPA REST API includes endpoints to manage encryption. Use these endpoints to get the current encryption setting, create a new encryption setting, or change the current encryption setting.

To use the Swagger interface to learn more about the available endpoints, see Learn about and experiment with the DPA API.

Options for CyberArk configuration

You can configure DPA to use CyberArk credentials globally, for authentication to all DPA entities that require it. Or you can configure DPA to use CyberArk credentials for certain types of authentication. For example, DPA could use CyberArk credentials for authentication to the DPA repository and monitored instances, but not to VMware, LDAP/AD, or mail servers.

For details, see Configure DPA to use credentials stored in CyberArk.

SQL Server trace flag 2861

When monitoring a SQL Server database instance, DPA no longer runs a command to turn on SQL Server trace flag 2861. This trace flag no longer exists in any supported version of SQL Server.

The advanced option DBCC has also been removed. In previous versions, this option could be used to turn off SQL Server trace flag 2861.

Fixed issues in DPA 2022.3

Return to top

DPA 2022.3 fixes the following issues.

Case number Description
01053851, 01065352, 01078594

DPA 2022.3 provides security enhancements, including upgrading to the latest available version of OpenJDK (11.0.15) and upgrading the Spring Security library to a version that is not vulnerable to CVE-2022-22978.
01001369, 01048705

Attempting to edit a custom metric whose name begins with % no longer returns an error.
01007110

When you create or edit an alert definition, you are no longer prompted to save changes before you leave the alert definition page to assign database instances. Any changes you made to the alert definition are preserved when you leave the page.
01022590

For DPA to collect metrics from a monitored SQL Server instance, the SQL option NUMERIC_ROUNDABOUT must be set to OFF. The DPA documentation has been updated with this information.
00940595

If you drill in to a time period from the 30-day trends chart, click a SQL hash to open the Query Detail page, and then click the DPA Back button, DPA returns to the previously selected time period.
01049536

The Current alert status page shows active alerts even when the associated database instance is stopped or unavailable.

Third-party CVE

Return to top

CVE-ID Vulnerability Title Description Severity
CVE-2022-22978 Authorization Bypass in RegexRequestMatcher In Spring Security versions 5.5.6 and 5.6.3 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with '.' in the regular expression are possibly vulnerable to an authorization bypass. Critical

For additional information, see Database Performance Analyzer (DPA) and the Spring Security RegexRequestMatcher Vulnerability (CVE-2022-22978).

New customer installation

Return to top

For information about installing DPA, see the DPA Installation and Upgrade Guide. You can download a free trial from the SolarWinds website.

How to upgrade

If you are upgrading from an earlier version, use the following resources to plan and implement your upgrade:

Known issues

Return to top

The database name is not updated for stored procedures
Issue

If a stored procedure name includes the name of a database and it is copied to a different database, the database name is not updated. When DPA shows information about the copied stored procedure, the hash is the same as the first and the information appears to be incorrect.
Resolution or Workaround

If you experience this issue, complete the following steps:

  1. Run the following command against the DPA repository database (replacing <HashValue> with the stored procedure's hash value):

    delete from ignite.CONST_<DBID> where H = '<HashValue>'

  2. Restart DPA.
Registering an Azure SQL database instance fails when the privileged user is an Azure AD user
Issue

When registering an Azure SQL database, if you let DPA create the monitoring user and select an Azure Active Directory (AD) user as the privileged user, registration fails on the last step with the message Connection test to database as monitoring user failed.
Resolution or Workaround Select the option 'I'll create the contained user or login', and follow the instructions to create the monitoring user manually.
SQL Server cannot be registered using TLS 1.0
Issue

During registration, SQL Server might return the following error in the registration wizard:

TLS handshake failed. Could not connect to the server using SSL.

This is accompanied by the following error in the wizard.log:

The server selected protocol version TLS10 is not accepted by client preferences [TLS13, TLS12]

This happens because the server (for example, a server running SQL Server 2008 R2) is not patched to a version that supports newer TLS 1.2 or 1.3, which DPA requires for secure communication. This requirement is inherited from the JDK shipped with DPA, which disables TLS 1.0 and 1.1 by default. This occurs in JDK 11.0.11 and later.
Resolution or Workaround

To resolve this issue, patch SQL Server to a newer Service Release or Cumulative Update that contains support for TLS 1.2 or later. See this Microsoft support article for information about each SQL Server version.

If you cannot apply the resolution, you can use the following as a workaround and continue using TLS 1.0. (This workaround is not recommended because it reduces security.)

  1. Open the following file in a text editor (or the corresponding file if you are using custom Java):

    <DPA_Home>\iwc\jre\conf\security\java.security

  2. Find jdk.tls.disabledAlgorithms.

  3. Remove TLSv1, TLSv1.1. Then save the changes.

  4. Restart DPA.

The DPA Options page does not open
Issue

If the file containing the DPA SQL authentication password is misconfigured, the DPA Options page does not open. This file can become misconfigured when password protection for DPA features that allow custom SQL is configured, and a password containing '<' or '>' characters was not enclosed with CDATA when it was entered.

Resolution or Workaround

  1. Open the following file in a text editor:

    <DPA-install-dir>\iwc\tomcat\ignite_config\iwc\security\sqlauth.xml

  2. Look for invalid XML such as the following (shown in red):

    <entry key="sql.authentication.password">
       <![USER_PASSWORD]]<
    >/entry>

  3. Reenter the password enclosed in CDATA, and edit the XML so that it is valid. For example:

    <entry key="sql.authentication.password">
      <![CDATA[MyPasswordWith<SpecialCharacters>]]>
    </entry>

  4. Save the file.

    Changes take effect immediately. The password in the sqlauth.xml file is encrypted the first time DPA prompts a user to enter it.
Creating the repository user when creating a MySQL 8.0 repository database
Issue

For MySQL 8.0, the default authentication plug-in has changed from mysql_native_password to caching_sha2_password. If you attempt to create a MySQL 8.0 repository database and allow DPA to create the repository user, the process fails because DPA cannot authenticate a user created with the default option.
Resolution or Workaround

  1. Create the repository user manually and specify that the mysql_native_password plugin be used to authenticate that user. For example:

    CREATE USER 'userName'@'localhost' IDENTIFIED WITH mysql_native_password BY 'userPassword';

    You can verify user creation by querying the mysql.user table:

    select user,host,plugin from mysql.user;

  2. Grant the required privileges to the user. See the GRANT statements in the script available through the Repository Creation Wizard.
  3. On step 2 of the Repository Creation Wizard, select Provide the repository user. Then enter the user name and password of the user you created.
Creating the monitoring user when registering a MySQL 8.0 database instance
Issue

For MySQL 8.0, the default authentication plug-in has changed from mysql_native_password to caching_sha2_password. If you attempt to register a MySQL 8.0 instance and allow DPA to create the monitoring user, registration fails because DPA cannot authenticate a user created with the default option.
Resolution or Workaround

  1. Create the monitoring user manually and specify that the mysql_native_password plugin be used to authenticate that user. For example:

    CREATE USER 'userName'@'localhost' IDENTIFIED WITH mysql_native_password BY 'userPassword';

    You can verify user creation by querying the mysql.user table:

    select user,host,plugin from mysql.user;

  2. Grant the required privileges to the user. See the GRANT statements in the script available through the Register Instance Wizard.
  3. On step 2 of the Register Instance Wizard, select I'll create the database user. Then enter the user name and password of the user you created.
Adding a distributed AG to a server prevents DPA from monitoring non-distributed AGs on the server
Issue

If DPA is monitoring non-distributed SQL Server Availability Groups (AGs) on a server and you add a distributed AG to the server, DPA stops monitoring the non-distributed AGs.
Resolution or Workaround Do not add a distributed AG to the server.
Microsoft reports incorrect metric values for SQL Server on Linux
Issue

When you monitor a SQL Server 2017 database instance that runs on a Linux server:

  • The O/S CPU Utilization resource always shows usage at 100%.
  • The Instance CPU Utilization resource always shows usage at 100%.
  • The O/S Memory Utilization resource always shows usage at 0%.

When you monitor a SQL Server 2019 database instance that runs on a Linux server:

  • The O/S CPU Utilization resource always shows usage at 100%.
  • In some cases, the Instance CPU Utilization resource always shows usage at 100%.

Microsoft reports these values.
Resolution or Workaround Disregard the values that are incorrect on your version of SQL Server. You can also disable the collection of a metric that shows incorrect data.
DPA fails to reconnect after losing its connection to a SQL Server instance
Issue

When DPA loses its connection to a monitored SQL Server instance (for example, when the DPA server is rebooted), and Windows authentication is used, DPA is sometimes unable to reconnect to the instance. This can happen if DPA attempts to connect before SQL Server has been able to connect to Active Directory. DPA interprets the rejected connection attempt as possibly occuring because the credentials were incorrect. To avoid being locked out of the account, DPA does not keep trying to reconnect. Messages such as the following appear in the logs:

Monitor for database [databaseName] failed to start due to [username and/or password must be updated due to previous login failure; if the credentials have not changed for this database, stop the monitor, wait for the monitor to stop, then start the monitor.].

Resolution or Workaround When the monitored instance is fully initialized, manually restart monitoring. On the DPA home page, click the Action drop-down menu for the instance and select Start Monitor.
Monitoring fails when a SQL Server AG is registered through the listener
Issue

When a SQL Server Availability Group (AG) is registered for monitoring through the listener, duplicate files collected through polling are not handled correctly in some situations, which can cause monitoring to fail. Errors such as the following can appear in the logs:

DEBUG (2021-04-03T17:16:50,214+0300) [repositoryManager-thread-23] {name=DBSERVER02 via AGLISTENER01} DatabaseMonitorJobListener:62 - Stopping monitor in SummaryPollJob

Resolution or Workaround If possible, register each instance separately instead of registering the listener. If that is not possible, then disable IO stats polling by setting the advanced option IO_STATS_POLL_ENABLED to False.
VM Host Disk metrics load slowly due to missing indexes on tables that store these metrics
Issue

Loading the Host Disk metrics on the Resources page may take a long time when the host has a large number of disks. On new DPA installations, indexes to avoid this issue are created in the DPA repository. But if you upgraded from DPA 2021.1 or earlier, these indexes must be created manually.
Resolution or Workaround
  1. From the DPA menu, click Options.

  2. Under Support > Utilities, click Review DPA Repo Schema.

    If your DPA is missing some indexes you are provided with a SQL script to manually create them.

  3. Follow the instructions on the page to create the missing indexes.
Repository growth due to missing indexes on tables storing the plans
Issue

DPA cleanup jobs might not run properly on tables storing the historical plans, causing the repository to grow. On new DPA installations, indexes to avoid this issue are created in the DPA repository. But if you upgraded from DPA 2021.1 or earlier, these indexes must be created manually.
Resolution or Workaround
  1. From the DPA menu, click Options.

  2. Under Support > Utilities, click Review DPA Repo Schema.

    If your DPA is missing some indexes you are provided with a SQL script to manually create them.

  3. Follow the instructions on the page to create the missing indexes.

End of life

Return to top

Version EoL Announcement EoE Effective Date EoL Effective Date
DPA 2019.4

August 26, 2021 End-of-Life (EoL) announcement - Customers on DPA version 2019.4 or earlier should begin transitioning to the latest version of DPA.

 November 24, 2021 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 2019.4 or earlier will no longer actively be supported by SolarWinds. November 24, 2022 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 2019.4 or earlier.
DPA 12.1

August 26, 2021 End-of-Life (EoL) announcement - Customers on DPA version 12.1 or earlier should begin transitioning to the latest version of DPA.

November 24, 2021 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 12.1 or earlier will no longer actively be supported by SolarWinds. November 24, 2022 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 12.1 or earlier.

End of support

Type Details
Monitored database instances Amazon RDS for SQL Server 2012 SP4

Deprecation notices

Return to top

This version of Database Performance Analyzer deprecates the following platforms and features.

Deprecated platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features. 

Type Details
DPA server OS Installing DPA on a server with a Windows Server 2012 R2 operating system is still supported in 2022.3, but support will be removed in an upcoming release.

The scripts are not supported under any SolarWinds support program or service. The scripts are provided AS IS without warranty of any kind. SolarWinds further disclaims all warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The risk arising out of the use or performance of the scripts and documentation stays with you. In no event shall SolarWinds or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the scripts or documentation.

Legal notices

Return to top

© 2022 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.