PostgreSQL Integration
Connect PostgreSQL to enable the AI agent to query logs, metrics, and operational data stored in your PostgreSQL databases during investigations.
Capabilities
Once connected, the AI agent can:
| Capability | Description |
|---|---|
| SQL Queries | Execute read-only SELECT queries against your databases |
| Log Analysis | Search and analyze log data stored in PostgreSQL |
| Schema Exploration | Browse databases, tables, columns, and indexes |
| Metrics Retrieval | Query operational metrics and time-series data |
Read-only access: This integration only executes SELECT queries. UPDATE, DELETE, INSERT, and other data-modifying commands are blocked at the query level.
Prerequisites
- A PostgreSQL instance (version 12 or later recommended)
- A PostgreSQL user account with read permissions
- Network connectivity between Autoheal and your PostgreSQL instance
Setup
- Connect to your PostgreSQL instance
- Create a dedicated user for Autoheal:
CREATE ROLE autoheal_reader WITH LOGIN PASSWORD 'your_secure_password';
GRANT CONNECT ON DATABASE your_database TO autoheal_reader;
GRANT USAGE ON SCHEMA public TO autoheal_reader;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO autoheal_reader;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO autoheal_reader;
- Go to Integrations in Autoheal
- Click PostgreSQL
- Enter a name (e.g., "Production PostgreSQL")
Enter the following:
- Host: PostgreSQL hostname or IP address (e.g.,
postgres.example.com) - Port: PostgreSQL port (default:
5432) - Database: Database name to connect to
- Username: PostgreSQL username
- Password: PostgreSQL password
- SSL Mode: SSL connection mode
Click Test Connection to verify, then Save.
Required Permissions
The PostgreSQL user should have at least these permissions:
| Permission | Why It's Needed |
|---|---|
CONNECT | Connect to the database |
USAGE on schema | Access schema objects |
SELECT on tables | Read data from tables |
Create a dedicated role for Autoheal with only SELECT permissions. Use ALTER DEFAULT PRIVILEGES to automatically grant read access on new tables.
SSL Modes
Select the appropriate SSL mode for your environment:
| Mode | Description |
|---|---|
disable | No SSL (not recommended) |
require | Require SSL but skip certificate verification (default) |
verify-ca | Require SSL and verify the server certificate CA |
verify-full | Require SSL and verify the server certificate and hostname |
Use verify-ca or verify-full in production environments for maximum security. The require mode encrypts the connection but does not verify the server identity.
Example Queries
Once connected, you can ask the AI agent questions like:
Show me errors from the application_logs table in the last hour
Query the events table for failed payments today
What tables exist in the public schema?
Show me the slowest queries from the pg_stat_statements view
Troubleshooting
Connection Refused
- Verify the host and port are correct
- Check that PostgreSQL is running and accepting connections
- Ensure
pg_hba.confallows connections from Autoheal - Verify firewall rules allow connections on the specified port
Authentication Failed
- Verify the username and password are correct
- Check that the user has
LOGINprivilege - Ensure
pg_hba.confallows the authentication method being used
SSL Errors
- Try changing the SSL mode (e.g., from
verify-fulltorequire) - Verify the server certificate is valid if using
verify-caorverify-full - Check that the server supports SSL connections
Permission Denied
- Verify the user has
SELECTpermission on the target tables - Check that
USAGEpermission is granted on the schema - Ensure
CONNECTpermission is granted on the database