postgresql.discovery.yaml

#####################################################################################
#                               Do not edit manually!                               #
# All changes must be made to associated .tmpl file before running 'make bundle.d'. #
#####################################################################################
postgresql:
  enabled: true
  rule:
    docker_observer: type == "container" and any([name, image, command], {# matches "(?i)postgres"}) and not (command matches "splunk.discovery")
    host_observer: type == "hostport" and command matches "(?i)postgres" and not (command matches "splunk.discovery")
    k8s_observer: type == "port" and pod.name matches "(?i)postgres"
  config:
    default:
        username: splunk.discovery.default
        password: splunk.discovery.default
  status:
    metrics:
      - status: successful
        strict: postgresql.commits
        message: PostgreSQL receiver is working!
    statements:
      - status: failed
        regexp: 'connect: network is unreachable'
        message: The container cannot be reached by the Collector. Make sure they're in the same network.
      - status: failed
        regexp: 'connect: connection refused'
        message: The container is refusing PostgreSQL connections.
      - status: partial
        regexp: 'pq: password authentication failed for user'
        message: |-
          Make sure your user credentials are correctly specified as environment variables.
          ```
          SPLUNK_DISCOVERY_RECEIVERS_postgresql_CONFIG_username="<username>"
          SPLUNK_DISCOVERY_RECEIVERS_postgresql_CONFIG_password="<password>"
          ```
      - status: partial
        regexp: 'pq: database .* does not exist'
        message: |-
          Make sure the target database is correctly specified as an environment variable.
          ```
          SPLUNK_DISCOVERY_RECEIVERS_postgresql_CONFIG_databases="[<db>]"
          ```
      - status: partial
        regexp: 'pq: SSL is not enabled on the server'
        message: |-
          Make sure the target database has SSL enabled or set insecure as an environment variable.
          ```
          SPLUNK_DISCOVERY_RECEIVERS_postgresql_CONFIG_tls_x3a__x3a_insecure="<boolean>"
          ```
      - status: partial
        regexp: 'pq: pg_stat_statements must be loaded via shared_preload_libraries'
        message: |-
          Make sure your PostgreSQL database has `shared_preload_libraries = 'pg_stat_statements'` in the postgresql.conf file and that `CREATE EXTENSION IF NOT EXISTS pg_stat_statements;` has been run for each database you would like to monitor. For example:
          ```
          psql --dbname "<db-name>" -c "CREATE EXTENSION pg_stat_statements;"
          ```