Documentation forDatabase Performance Analyzer

DPA 2023.4.300 release notes

Release date: November 15, 2023

These release notes were last updated on January 5, 2024.

Here's what's new in Database Performance Analyzer 2023.4.300.

Learn more

New features and improvements in DPA

The performance and scalability of the DPA Central interface has been improved in this release. The performance improvements are especially important when a large number of users are concurrently viewing data in DPA Central.

For recommendations for sizing the DPA Central Server, see the system requirements.

In addition, the following changes were made to DPA Central.

Displaying data from unresponsive servers

If data from a DPA server takes more than three seconds to load, DPA Central lists that server as unavailable with the message that it will retry in the next refresh cycle. The data available from other DPA servers is displayed.

Each time the page is refreshed, DPA Central checks the unresponsive server and displays the data if possible.

Updated thread pool settings in DPA Central advanced configuration options

To improve the performance of DPA Central, the default values for the following thread pool settings were changed.

If you have an existing DPA Central deployment that is having performance issues, update these settings to be equal to or greater than the following values. For more information, see Advanced configuration for the DPA Central Server.

Setting Current default value Previous default value
com.confio.iwc.centralServiceTaskExecutor.corePoolSize 50 20
com.confio.iwc.centralServiceTaskExecutor.maxPoolSize 150 40
com.confio.iwc.centralServiceTaskExecutor.queueCapacity 5000 1000

Return to top

Fixes

Case number Description
01194778

If you access DPA with SAML login credentials and then generate a refresh token, you can use that refresh token to access the REST API.

01183265, 01234101, 01472663

DPA polling no longer times out when monitoring SQL Server Availability Groups (AGs).

01335266

In an Oracle RAC environment with multiple instances, the RAC Overhead Wait report opens without errors.

01175826

On the Real Time Sessions page, the Blocking tab is no longer slow to load blocking sessions data for an Oracle database instance.

01353962, 01423350

Index analysis no longer issues invalid SQL statements that cause parse errors to appear in the log file of the monitored Oracle database.

01393319, 01394715

The SQL Server Error Log Alert no longer fails in some circumstances, showing a status of Broken and returning the following message: 

Execution of this alert failed due to the following error: java.lang.AbstractMethodError

01435343

The Statistics section of the Query Details page displays statistics metrics (such as Executions and Rows Read) for all Sybase instances.

01351747

If you enter an invalid database ID on the I/O Drive Mappings tab, DPA no longer displays a stack trace.

01428536

The default logging level for AG polling logs is INFO instead of DEBUG.

N/A

DPA 2023.4 includes security enhancements.

Third-party CVEs

SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.

SolarWinds would like to additionally thank our Bugcrowd community for their continued help in testing our products and keeping them secure.

CVE-ID Vulnerability Title Description Severity
CVE-2023-46604 Remote Code Execution Vulnerability

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.

For more information about how this vulnerability affected SolarWinds products, see Apache ActiveMQ Vulnerability (CVE-2023-46604) in the SolarWinds Trust Center.

Critical
CVE-2023-2976 Sensitive Data Disclosure Vulnerability Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows. Medium
CVE-2023-1436 Denial of Service vulnerability An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. Medium

Before you upgrade!

If you are upgrading from DPA 2023.2.100 or earlier to DPA 2023.4.300, remove the useRelativeRedirects="false" string from the /iwc/tomcat/conf/context.xml file. This string fixed an issue in previous versions of Tomcat. It is no longer needed, and it should be removed for security reasons.

For detailed instructions, see Upgrade DPA on a Linux-based OS.

Return to top

Installation or upgrade

For new installations, you can download the installer from the SolarWinds website or from the Customer Portal. For more information, see the DPA Installation and Upgrade Guide.

For upgrades, use the DPA Installation and Upgrade Guide to help you plan and execute your upgrade. When you are ready, download the upgrade package from the SolarWinds Customer Portal.

Return to top

Known issues

Alerts on a Db2 server with multiple databases

When you are monitoring a Db2 server with multiple databases, the following alerts do not return data for all databases. Because of a limitation with MON_GET_* functions, these alerts are supported only for connected databases.

  • Database Free Space Alert
  • Table Space Free Alert
  • Transaction log Space

Resolution or Workaround: None.

DPA does not always use the Microsoft JDBC driver by default

When you register a database instance for monitoring, DPA should use the Microsoft JDBC driver by default. However, it uses the jTDS JDBC driver by default if the system.properties file does not contain the following entry:

com.confio.ignite.jdbc.sqlserver.useJtdsDriver=false

This missing configuration is likely to happen on DPA servers where older versions of DPA were initially installed, before DPA began using the Microsoft Driver.

Resolution or Workaround: Open the system.properties file in a text editor, and determine if it contains the entry above. If not, manually add it and save the file.

PostgreSQL OS CPU utilization not showing data on a Windows installation

When PostgreSQL is installed on a server with a Windows operating system, the O/S CPU Utilization resource metric in DPA does not display any data. It displays the message Chart doesn't have data collected for selected time period.

If PostgreSQL OS CPU utilization data is missing in other environments, make sure the system_stats extension is installed. For instructions, see Register a PostgreSQL database instance and prepare for monitoring.

Resolution or Workaround: None.

Importing an alert definition without the associated database assignment rule

In some situations, the log file shows the status of an imported alert definition as both Imported and Failed. This occurs when the alert definition uses a database assignment rule, but the rule was not imported and did not already exist on the server.

The two statuses indicate that the alert definition was imported, but the attempt to associate the database assignment rule failed.

Resolution or Workaround: When you import an alert definition that uses a database assignment rule, either import the rule or ensure that it already exists on the server.

If you imported an alert definition and the associated rule is missing, you must edit the alert definition to specify the database instances. (You can specify instances by manually selecting them or by applying a rule.)

Return to top

End of life

Version EoL Announcement EoE Effective Date EoL Effective Date
DPA 2022.3

November 23, 2023 End-of-Life (EoL) announcement - Customers on DPA version 2022.3 or earlier should begin transitioning to the latest version of DPA.

April 12, 2024 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 2022.3 or earlier will no longer actively be supported by SolarWinds. April 14, 2025 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 2022.3 or earlier.
DPA 2022.2

April 18, 2023 End-of-Life (EoL) announcement - Customers on DPA version 2022.2 or earlier should begin transitioning to the latest version of DPA.

August 18, 2023 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 2022.2 or earlier will no longer actively be supported by SolarWinds. April 18, 2024 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 2022.2 or earlier.
DPA 2022.1

January 18, 2023 End-of-Life (EoL) announcement - Customers on DPA version 2022.1 or earlier should begin transitioning to the latest version of DPA.

April 18, 2023 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 2022.1 or earlier will no longer actively be supported by SolarWinds. April 18, 2024 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 2022.1 or earlier.
DPA 2021.3

October 18, 2022 End-of-Life (EoL) announcement - Customers on DPA version 2021.3 or earlier should begin transitioning to the latest version of DPA.

January 18, 2023 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 2021.3 or earlier will no longer actively be supported by SolarWinds. January 18, 2024 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 2021.3 or earlier.
DPA 2021.1

October 18, 2022 End-of-Life (EoL) announcement - Customers on DPA version 2021.1 or earlier should begin transitioning to the latest version of DPA.

January 18, 2023 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 2021.1 or earlier will no longer actively be supported by SolarWinds. January 18, 2024 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 2021.1 or earlier.
DPA 2020.2

October 18, 2022 End-of-Life (EoL) announcement - Customers on DPA version 2020.2 or earlier should begin transitioning to the latest version of DPA.

January 18, 2023 End-of-Engineering (EoE) - Service releases, bug fixes, workarounds, and service packs for DPA version 2020.2 or earlier will no longer actively be supported by SolarWinds. January 18, 2024 End-of-Life (EoL) - SolarWinds will no longer provide technical support for DPA version 2020.2 or earlier.

See the End of Life Policy for information about SolarWinds product life cycle phases. To see EoL dates for earlier DPA versions, see DPA release history.

Return to top

Legal notices

© 2023 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.