Several people have asked what are the potential risks (security and otherwise) of using VizAlerts. The great thing about this being a free and open source project is that we don't have anything to sell, so there's no real pressure to convince anyone to use our tool! This discussion endeavors to compile reasons VizAlerts may not be something you'd want to install and use on your Tableau Server instance.
- Users can often be confused about the disabled subscription schedules you must set up in Tableau Server. They'll subscribe to them, thinking they are normal subscription schedules. The extra schedules also tend to clutter up the schedules list, depending on how many you create.
  - Mitigation: Name your schedules such that it's obvious what they're for.
- Helping people understand how to set up a VizAlert for their own content can take some effort. Some folks read the User Guide and are off, others think that VizAlerts is magical and will automatically alert them when their data "changes"--which it won't.
  - Mitigation: Build a monitoring dashboard that shows you subscriptions to Tableau Server schedules, and use a URL action with a mailto: link to send them an introduction email with helpful tips and links to the documentation (the current data in the PostgreSQL repository database for Tableau Server unfortunately isn't conducive to building this into a VizAlert).
- Additional effort is required on the part of the Administrator to manage this service. What if the host you're running VizAlerts on goes down? What about when alerts go out late? What about when a new version of VizAlerts is released? It's all additional work.
  - Mitigation: Not sure there really is one for this...
- The main risk from a security standpoint is that someone will author an Advanced Alert that automatically emails the wrong data to the wrong person--worst case, outside your organization.
  - Mitigation: Use the allowed_recipient_addresses field in the configuration viz to limit the addresses / domains that each user can send to. Potentially, disallow any email action by all users as a default (default_action_enabled_email parameter), then grant access for individual users on an as-needed basis (action_enabled_email field).
- If you do not use encryption to connect to Tableau Server, nor to your SMTP server, the data VizAlerts is pulling, and then emailing, can be intercepted. Additionally, it's possible to intercept and redeem the generated trusted tickets, which could then be used to pull data from another, more secured viz.
  - Mitigation: Use...encryption.
- Because schedules in Tableau Server don't have permissions, virtually anyone can subscribe to a VizAlert on any custom schedule you create, so more Tableau Server resources will be consumed. In particular with Tableau 10's "subscribe others" functionality (which is great, btw), someone may build an alert and subscribe a large number of others. VizAlerts will then run the alert for each person individually, refreshing all of the data in the viz each time.
  - Mitigation: Set timeouts on the more frequently-running schedules to prevent Server resources from being misused. Encourage popular alerts to convert to an Advanced Alert, which can use up fewer Server resources if built correctly. You can also require approval before a user is allowed to use VizAlerts, if you so desire.
- VizAlerts is an open-source tool that comes with no warranty or promises of support. At the time of this writing, there are only two contributors who answer questions and fix bugs as they have time and inclination to do so. And they're not great at Python, either!
  - Mitigation: It's open source. Know how to code? Come help.
- A future Tableau Server product change could break VizAlerts (for example, if disabled subscription schedules no longer showed in the drop-down picker when a user went to subscribe to their view).
  - Mitigation: Okay, not so much a mitigation, but it may make you feel better--internally at Tableau, we adopt early Betas of Server and run them on our production environment. This means we're testing VizAlerts on newer versions of Tableau Server ourselves before the product ships. Will we run VizAlerts for forever? Probably not, but for at least the foreseeable future.
Feel free to add responses to this if you can think of additional risks or problems that can be introduced by using VizAlerts.
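
The recipient restriction and default-deny email policy described in the security mitigation above can be checked offline before an alert goes live. This is an added example, not VizAlerts' own code: it assumes allowed_recipient_addresses holds a regular expression and that a per-user action_enabled_email value overrides default_action_enabled_email; the function names and sample rows are constructed for illustration.

```python
import re

def effective_email_enabled(default_action_enabled_email, action_enabled_email=None):
    """Per-user setting wins when present; otherwise the default applies (assumed)."""
    if action_enabled_email is None:
        return default_action_enabled_email
    return action_enabled_email

def rejected_recipients(recipient_field, allowed_pattern):
    """Return the addresses that the allowlist pattern does not fully match."""
    policy = re.compile(allowed_pattern, re.IGNORECASE)
    addresses = [a for a in re.split(r"[,;\s]+", recipient_field.strip()) if a]
    # fullmatch anchors both ends. A prefix match would accept
    # "user@example.com.evil.test" for the pattern ".*@example\.com".
    return [a for a in addresses if policy.fullmatch(a) is None]

SAMPLE_ALERTS = [  # constructed rows, not real configuration data
    {"owner": "alice", "action_enabled_email": True,
     "allowed_recipient_addresses": r".*@example\.com",
     "recipients": "team@example.com, bob@EXAMPLE.com"},
    {"owner": "bob", "action_enabled_email": True,
     "allowed_recipient_addresses": r".*@example\.com",
     "recipients": "team@example.com; partner@example.com.evil.test"},
    {"owner": "carol", "action_enabled_email": None,
     "allowed_recipient_addresses": r".*@example\.com",
     "recipients": "team@example.com"},
]

def audit(alerts, default_action_enabled_email=False):
    """List (owner, reason) for every alert the policy would stop."""
    findings = []
    for alert in alerts:
        if not effective_email_enabled(default_action_enabled_email,
                                       alert["action_enabled_email"]):
            findings.append((alert["owner"], "email action not enabled"))
            continue
        bad = rejected_recipients(alert["recipients"],
                                  alert["allowed_recipient_addresses"])
        if bad:
            findings.append((alert["owner"], "blocked: " + ", ".join(bad)))
    return findings

if __name__ == "__main__":
    for owner, reason in audit(SAMPLE_ALERTS):
        print(owner, reason)
```

Whatever pattern you choose, test it against a look-alike domain such as the one in the second row, since an unanchored pattern is the usual way an allowlist lets mail leave the organization.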