Setup TLS for PostgreSQL in the "Database query" probe
Starting with version 5.0 agent supports TLS for PostgreSQL databases in the Database query probe.
| You can enable TLS only via REST API. |
To enable TLS for PostgreSQL database in the "Database query" probe follow the steps below:
-
Setup a Database query sensor to work with existing PostgreSQL database on a new or existing object.
-
Get ID of the object where the database monitoring is set up. You can do this on the "Parameters" tab in the End view.
-
Get ID of the
DatabaseServerUrlproperty of the object where the database monitoring is set up with the Get object properties request:Request example using curllogin=<...> password=<...> saymon_hostname=<...> object_id=<...> url=https://$saymon_hostname/node/api/objects/$object_id/props curl -X GET $url -u $login:$passwordResponse in the JSON format[ ... { "type_id": 8, "name": "DatabaseServerUrl", "value": "jdbc:postgresql://localhost:5432/db-name?user=username&password=password&characterEncoding=utf8", "id": "66aa4dcc5351ea1a23fb63fc" } ... ] -
Add
&ssl=trueto the end of the connection string with the Update Object Property request, using the previously acquired object and property IDs:Request example using curllogin=<...> password=<...> saymon_hostname=<...> object_id=<...> prop_id=<...> url=https://$saymon_hostname/node/api/objects/$object_id/props/$prop_id curl -X PATCH $url -u $login:$password \ -H "Content-Type: application/json" \ -d @- <<EOF { "value": "jdbc:postgresql://localhost:5432/db-name?user=username&password=password&characterEncoding=utf8&ssl=true" } EOF
After completing these steps, you don’t need to restart the agent or the server. Agent will user TLS next time it sends a request to the database.