Performing administrative management

Suggest edits

Manage user accounts, access controls, and system-wide settings from the Management panel on the left sidebar. Use these administrative actions to oversee account security, define permission tiers, and configure core integration parameters.

Important

Access to this panel is restricted to users with the Admin role privilege.

Managing the user lifecycle

Monitor account status and provision new access credentials with the WEM Users tab.

  • Check the header metrics for Locked Users. A non-zero value indicates that users have exceeded the failed login threshold. Investigate potential security incidents or assist users with password resets.
  • Provision new users by selecting the Add WEM User button. Use the Map to Existing WHPG User feature to link the WarehousePG Enterprise Manager (WEM) account to an existing database role (like gpadmin) or to automatically provision a new database identity that matches the WEM username.
  • Assign users to one of the three built-in profiles:
    • Admin: Full system control.
    • Operator: Operational dashboard access, including query management and cancellation.
    • Viewer: Read-only access to metrics and logs.
  • Use the Active toggle bar when editing or creating a user to revoke access immediately without deleting the account's history.
  • Regularly review the Admin Users count in the header. Keeping the number of high-privileged accounts to a minimum is a core security best practice.

Defining role-based access control

Control what your team can see and do within the platform.

  • Use the Permissions tab to enable or disable access to specific tabs in the WEM console for each profile.
  • If permissions become misconfigured, use the Reset to Defaults button to instantly revert the role-based access control (RBAC) matrix to the factory-recommended state for all roles.

Auditing administrative actions

Maintain a chronological record of every administrative action performed in the system with the Audit Log tab.

  • Filter by Failed Login to identify potential brute-force attempts. Filter by Login and Logout to verify user activity during specific incident windows.
  • Ensure accountability for all changes made to your access control layer by applying the Update User and Create User filters to see who modified roles or security flags.

Configuring system integration settings

Perform configuration changes to your existing WEM installation with the Settings tab.

  • Configure the WarehousePG (WHPG) database connection by editing the WHPG coordinator host name, port, database name, and credentials.
Note

Changes to database connection settings or the application port require a restart of the WEM service to take effect.

  • Input your Prometheus, Loki, and Alertmanager URLs to enable real-time metric graphs, integrated log streaming, and real-time notifications. If these fields are left empty, the corresponding tabs in the dashboard will remain disabled.
  • Adjust the value of Log Min Duration Statement to define what constitutes a slow query in milliseconds. This setting directly controls which queries are captured for performance analysis.

Scheduling proactive health checks

Define automated probes to verify the end-to-end integrity of your cluster with the Canary Checks tab.

  • Create a Connectivity check to verify that the database is accepting new session requests.
  • Select the Query type to run specific SQL statements (SELECT count(*) FROM sales;) at set intervals. Define warning and critical latency thresholds to trigger alerts if performance degrades.
  • Configure Segment Health and Replication checks to monitor for hardware failures or synchronization lag between primary and mirror segments.

Could this page be better? Report a problem or suggest an addition!