A practical, end-to-end walkthrough of Oracle's Database Security Assessment Tool — from install and configuration to running the Collector and Discoverer, reading the reports, and using them as audit evidence. Built on a real run against Oracle Database 19c (Non-CDB) on Oracle Linux 8.10. If you run Oracle databases, here's an uncomfortable question: do you actually know where your sensitive data lives, and how exposed it is right now? Most teams can't answer precisely. Oracle's Database Security Assessment Tool (DBSAT) answers it in minutes — for free. In this blog I'll explain how DBSAT works, walk through implementing it on Oracle 19c, and show you the real findings from my own lab run, including the one real-world bug I had to work around. What is DBSAT, and how does it work? DBSAT is a free, lightweight command-line tool from Oracle (downloadable from My Oracle Support Note 2138254.1) that inspects an Oracle database's security posture and discovers where ...
As a DBA, you're expected to know what's happening inside your databases at all times. But here's the reality — most monitoring setups are either too generic (CPU is high!) or too custom (someone's 3-year-old Grafana dashboard nobody understands). What if there was a tool built specifically for database engineers — one that understands query performance, replication lag, vacuum bloat, and connection saturation right out of the box? That tool is Percona Monitoring and Management (PMM) . In this post, I'll walk you through everything you need to know about PMM 3 — what it is, how it works internally, how to install it, what features it brings, and which databases it supports. Let's get into it. What is PMM? PMM (Percona Monitoring and Management) is a 100% free, open-source database observability and monitoring platform built by Percona. It is NOT a generic infrastructure monitoring tool like Nagios or Zabbix. PMM was purpose-built for DBAs who need to answer qu...