Hi,

I am new to Site24x7 and was configuring your database monitoring plugins for the first time. You documentation gives a really bad advise to the users and I think you should review and update it. So far I looked at Postgres and MySQL plugins. In the documentation you give the steps for creation of a monitoring user in the databases and in them you specify superuser permissions for Postgres role and root for MySQL user. It is common knowledge that one of the basic rules of security is "minimum necessary privilege". The monitoring user does not need such extensive privileges to do the job and no sysadmin worth his salt would give them. Please update the documentation with the minimum necessary permissions for the monitoring user. In cases where access has to be provided to a particular database or table, please put their names in the documentation explicitly, not just mention "set the appropriate values for variables", like it is done it the Postgres plugin documentation.

I have not looked at other plugins yet, but there is a good chance that the documentation there has a similar problem. I strongly advise to review and update all plugin documentation and make sure that the rule of least necessary privilege is followed. For Postgres it should be enough to give a monitoring user SELECT rights on pg_stat_database table and for MySQL user just a REPLICATION CLIENT database privilege.  

Thank you,

Alex