🕶️Monitoring User

Version >= 10

create user datasentinel password 'myPassword';
grant pg_monitor,pg_read_all_settings,pg_read_all_stats to datasentinel;

If you intend to use the option for terminating a session directly from the User Interface

grant pg_signal_backend to datasentinel;

It's important to highlight that the user doesn't write data in PostgreSQL Access is confined to read-only permissions solely for retrieving metrics.

For Version < 10

The user must have the role superuser

create user datasentinel password 'myPassword';
alter user datasentinel with superuser;

File pg_hba.conf

  • Add authorization for the monitoring user to connect to all databases with a password

# TYPE  DATABASE        USER            ADDRESS                 METHOD
host    all             datasentinel    127.0.0.1/0             md5

The user needs to be able to connect to ALL databases.

  • Reload the configuration

SSL connection

You can configure the monitoring user to use SSL connections to your PostgreSQL instances

Here are the steps to follow:

  • Navigate to the Agentless Settings section of the UI

  • Ensure that your connection name starts with ssl (for instance, "ssl_crm_production").

  • Transfer the certificates to the /datasentinel/ssl directory on the platform.

  • The name of the certificate files must be standardized starting with the name of the connection, as below

Example
/datasentinel/ssl/ssl_crm_production_root.crt
/datasentinel/ssl/ssl_crm_production_postgresql.crt
/datasentinel/ssl/ssl_crm_production_postgresql.key
  • Change the access permissions: chmod 600

Last updated