{"id":13562648,"url":"https://github.com/burningalchemist/sql_exporter","last_synced_at":"2026-04-08T14:08:45.768Z","repository":{"id":39618303,"uuid":"217595262","full_name":"burningalchemist/sql_exporter","owner":"burningalchemist","description":"Database-agnostic SQL Exporter for Prometheus","archived":false,"fork":false,"pushed_at":"2026-03-26T09:24:40.000Z","size":9760,"stargazers_count":533,"open_issues_count":3,"forks_count":102,"subscribers_count":5,"default_branch":"master","last_synced_at":"2026-03-27T03:28:51.678Z","etag":null,"topics":["clickhouse","database","monitoring","mssql","mysql","postgresql","prometheus","sql"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/burningalchemist.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"burningalchemist","ko_fi":"burningalchemist"}},"created_at":"2019-10-25T18:43:09.000Z","updated_at":"2026-03-26T09:20:33.000Z","dependencies_parsed_at":"2024-03-22T13:30:28.113Z","dependency_job_id":"ee081b2e-5f92-4ee6-8b0a-c063686df25d","html_url":"https://github.com/burningalchemist/sql_exporter","commit_stats":{"total_commits":477,"total_committers":32,"mean_commits":14.90625,"dds":0.5555555555555556,"last_synced_commit":"3416f4b60427e9672396eee597789ff485c38620"},"previous_names":[],"tags_count":102,"template":false,"template_full_name":null,"purl":"pkg:github/burningalchemist/sql_exporter","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/burningalchemist%2Fsql_exporter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/burningalchemist%2Fsql_exporter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/burningalchemist%2Fsql_exporter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/burningalchemist%2Fsql_exporter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/burningalchemist","download_url":"https://codeload.github.com/burningalchemist/sql_exporter/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/burningalchemist%2Fsql_exporter/sbom","scorecard":{"id":258767,"data":{"date":"2025-08-11","repo":{"name":"github.com/burningalchemist/sql_exporter","commit":"084d6d0c2166b403362beb4490dcd87099e4307d"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.3,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/9 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/helm-workflow.yaml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 0.18.1 not signed: https://api.github.com/repos/burningalchemist/sql_exporter/releases/232861729","Warn: release artifact chart-sql-exporter-0.12.5 not signed: https://api.github.com/repos/burningalchemist/sql_exporter/releases/232870471","Warn: release artifact 0.18.0 not signed: https://api.github.com/repos/burningalchemist/sql_exporter/releases/224332725","Warn: release artifact chart-sql-exporter-0.12.4 not signed: https://api.github.com/repos/burningalchemist/sql_exporter/releases/224343227","Warn: release artifact 0.17.3 not signed: https://api.github.com/repos/burningalchemist/sql_exporter/releases/216749081","Warn: release artifact 0.18.1 does not have provenance: https://api.github.com/repos/burningalchemist/sql_exporter/releases/232861729","Warn: release artifact chart-sql-exporter-0.12.5 does not have provenance: https://api.github.com/repos/burningalchemist/sql_exporter/releases/232870471","Warn: release artifact 0.18.0 does not have provenance: https://api.github.com/repos/burningalchemist/sql_exporter/releases/224332725","Warn: release artifact chart-sql-exporter-0.12.4 does not have provenance: https://api.github.com/repos/burningalchemist/sql_exporter/releases/224343227","Warn: release artifact 0.17.3 does not have provenance: https://api.github.com/repos/burningalchemist/sql_exporter/releases/216749081"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:51"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-workflow.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/helm-workflow.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-workflow.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/helm-workflow.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-workflow.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/helm-workflow.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-workflow.yaml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/helm-workflow.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-workflow.yaml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/helm-workflow.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-workflow.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/helm-workflow.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-workflow.yaml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/helm-workflow.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/burningalchemist/sql_exporter/release.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:3","Warn: containerImage not pinned by hash: Dockerfile:13","Warn: containerImage not pinned by hash: Dockerfile.multi-arch:3","Warn: containerImage not pinned by hash: Dockerfile.multi-arch:16: pin your Docker image by updating quay.io/prometheus/busybox:latest to quay.io/prometheus/busybox:latest@sha256:dfa54ef35e438b9e71ac5549159074576b6382f95ce1a434088e05fd6b730bc4","Info:   0 out of  12 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  13 third-party GitHubAction dependencies pinned","Info:   0 out of   4 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (29) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T10:17:20.283Z","repository_id":39618303,"created_at":"2025-08-17T10:17:20.283Z","updated_at":"2025-08-17T10:17:20.283Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31307462,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["clickhouse","database","monitoring","mssql","mysql","postgresql","prometheus","sql"],"created_at":"2024-08-01T13:01:10.741Z","updated_at":"2026-04-02T14:02:17.712Z","avatar_url":"https://github.com/burningalchemist.png","language":"Go","readme":"# SQL Exporter for Prometheus\n[![Go](https://github.com/burningalchemist/sql_exporter/workflows/Go/badge.svg)](https://github.com/burningalchemist/sql_exporter/actions?query=workflow%3AGo) [![Go Report Card](https://goreportcard.com/badge/github.com/burningalchemist/sql_exporter)](https://goreportcard.com/report/github.com/burningalchemist/sql_exporter) [![Docker Pulls](https://img.shields.io/docker/pulls/burningalchemist/sql_exporter)](https://hub.docker.com/r/burningalchemist/sql_exporter) ![Downloads](https://img.shields.io/github/downloads/burningalchemist/sql_exporter/total) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/sql-exporter)](https://artifacthub.io/packages/helm/sql-exporter/sql-exporter)\n\n## Overview\n\nSQL Exporter is a configuration driven exporter that exposes metrics gathered from DBMSs, for use by the Prometheus\nmonitoring system. Out of the box, it provides support for the following databases and compatible interfaces:\n\n- MySQL\n- PostgreSQL\n- Microsoft SQL Server\n- Oracle Database\n- Clickhouse\n- Snowflake\n- Vertica\n\nIn fact, any DBMS for which a Go driver is available may be monitored after rebuilding the binary with the DBMS driver\nincluded.\n\nThe collected metrics and the queries that produce them are entirely configuration defined. SQL queries are grouped into\ncollectors -- logical groups of queries, e.g. *query stats* or *I/O stats*, mapped to the metrics they populate.\nCollectors may be DBMS-specific (e.g. *MySQL InnoDB stats*) or custom, deployment specific (e.g. *pricing data\nfreshness*). This means you can quickly and easily set up custom collectors to measure data quality, whatever that might\nmean in your specific case.\n\nPer the Prometheus philosophy, scrapes are synchronous (metrics are collected on every `/metrics` poll) but, in order to\nkeep load at reasonable levels, minimum collection intervals may optionally be set per collector, producing cached\nmetrics when queried more frequently than the configured interval.\n\n## Usage\n\nGet Prometheus SQL Exporter, either as a [packaged release](https://github.com/burningalchemist/sql_exporter/releases/latest),\nas a [Docker image](https://hub.docker.com/r/burningalchemist/sql_exporter).\n\nUse the `-help` flag to get help information.\n\n```shell\n$ ./sql_exporter -help\nUsage of ./sql_exporter:\n  -config.file string\n      SQL Exporter configuration file path. (default \"sql_exporter.yml\")\n  -config.check\n      Check configuration and exit.\n  -web.listen-address string\n      Address to listen on for web interface and telemetry. (default \":9399\")\n  -web.metrics-path string\n      Path under which to expose metrics. (default \"/metrics\")\n  [...]\n```\n\n## Build\n\nPrerequisites:\n\n- Go Compiler\n- GNU Make\n\nBy default we produce a binary with all the supported drivers with the following command:\n\n```shell\nmake build\n```\n\nIt's also possible to reduce the size of the binary by only including specific set of drivers like Postgres, MySQL and\nMSSQL. In this case we need to update `drivers.go`. To avoid manual manipulation there is a helper code generator\navailable, so we can run the following commands:\n\n```shell\nmake drivers-minimal\nmake build\n```\n\nThe first command will regenerate `drivers.go` file with a minimal set of imported drivers using `drivers_gen.go`.\n\nRunning `make drivers-all` will regenerate driver set back to the current defaults.\n\nFeel free to revisit and add more drivers as required. There's also the `custom` list that allows managing a separate\nlist of drivers for special needs.\n\n\n## Configuration\n\nSQL Exporter is deployed alongside the DB server it collects metrics from. If both the exporter and the DB\nserver are on the same host, they will share the same failure domain: they will usually be either both up and running\nor both down. When the database is unreachable, `/metrics` responds with HTTP code 500 Internal Server Error, causing\nPrometheus to record `up=0` for that scrape. Only metrics defined by collectors are exported on the `/metrics` endpoint.\nSQL Exporter process metrics are exported at `/sql_exporter_metrics`.\n\nThe configuration examples listed here only cover the core elements. For a comprehensive and comprehensively documented\nconfiguration file check out\n[`documentation/sql_exporter.yml`](https://github.com/burningalchemist/sql_exporter/tree/master/documentation/sql_exporter.yml).\nYou will find ready to use \"standard\" DBMS-specific collector definitions in the\n[`examples`](https://github.com/burningalchemist/sql_exporter/tree/master/examples) directory. You may contribute your\nown collector definitions and metric additions if you think they could be more widely useful, even if they are merely\ndifferent takes on already covered DBMSs.\n\n**`./sql_exporter.yml`**\n\n```yaml\n# Global settings and defaults.\nglobal:\n  # Subtracted from Prometheus' scrape_timeout to give us some headroom and prevent Prometheus from\n  # timing out first.\n  scrape_timeout_offset: 500ms\n  # Minimum interval between collector runs: by default (0s) collectors are executed on every scrape.\n  min_interval: 0s\n  # Maximum number of open connections to any one target. Metric queries will run concurrently on\n  # multiple connections.\n  max_connections: 3\n  # Maximum number of idle connections to any one target.\n  max_idle_connections: 3\n  # Maximum amount of time a connection may be reused to any one target. Infinite by default.\n  max_connection_lifetime: 10m\n\n# The target to monitor and the list of collectors to execute on it.\ntarget:\n  # Target name (optional). Setting this field enables extra metrics e.g. `up` and `scrape_duration` with\n  # the `target` label that are always returned on a scrape.\n  name: \"prices_db\"\n  # Data source name always has a URI schema that matches the driver name. In some cases (e.g. MySQL)\n  # the schema gets dropped or replaced to match the driver expected DSN format.\n  data_source_name: 'sqlserver://prom_user:prom_password@dbserver1.example.com:1433'\n\n  # Collectors (referenced by name) to execute on the target.\n  # Glob patterns are supported (see \u003chttps://pkg.go.dev/path/filepath#Match\u003e for syntax).\n  collectors: [pricing_data_freshness, pricing_*]\n\n  # In case you need to connect to a backend that only responds to a limited set of commands (e.g. pgbouncer) or\n  # a data warehouse you don't want to keep online all the time (due to the extra cost), you might want to disable `ping`\n  # enable_ping: true\n\n# Collector definition files.\n# Glob patterns are supported (see \u003chttps://pkg.go.dev/path/filepath#Match\u003e for syntax).\ncollector_files:\n  - \"*.collector.yml\"\n```\n\n\u003e [!NOTE]\n\u003e The `collectors` and `collector_files` configurations support [Glob pattern matching](https://pkg.go.dev/path/filepath#Match).\nTo match names with literal pattern terms in them, e.g. `collector_*1*`, these must be escaped: `collector_\\*1\\*`.\n\n### Collectors\n\nCollectors may be defined inline, in the exporter configuration file, under `collectors`, or they may be defined in\nseparate files and referenced in the exporter configuration by name, making them easy to share and reuse.\n\nThe collector definition below generates gauge metrics of the form `pricing_update_time{market=\"US\"}`.\n\n**`./pricing_data_freshness.collector.yml`**\n\n```yaml\n# This collector will be referenced in the exporter configuration as `pricing_data_freshness`.\ncollector_name: pricing_data_freshness\n\n# A Prometheus metric with (optional) additional labels, value and labels populated from one query.\nmetrics:\n  - metric_name: pricing_update_time\n    type: gauge\n    help: 'Time when prices for a market were last updated.'\n    key_labels:\n      # Populated from the `market` column of each row.\n      - Market\n    static_labels:\n      # Arbitrary key/value pair\n      portfolio: income\n    values: [LastUpdateTime]\n    # Static metric value (optional). Useful in case we are interested in string data (key_labels) only. It's mutually\n    # exclusive with `values` field.\n    # static_value: 1\n    # Timestamp value (optional). Should point at the existing column containing valid timestamps to return a metric\n    # with an explicit timestamp.\n    # timestamp_value: CreatedAt\n    query: |\n      SELECT Market, max(UpdateTime) AS LastUpdateTime\n      FROM MarketPrices\n      GROUP BY Market\n```\n\n### Database URLs (URL-format DSNs)\n\nTo keep things simple and yet allow fully configurable database connections, SQL Exporter uses database URLs\n(URL-format DSNs) (like `sqlserver://prom_user:prom_password@dbserver1.example.com:1433`) to refer to database\ninstances.\n\nThis exporter relies on `xo/dburl` package for parsing URL-format DSNs. The goal is to have a unified way to specify\nDSNs across all supported databases. This can potentially affect your connection to certain databases like MySQL, so\nyou might want to adjust your connection string accordingly:\n\n```plaintext\nmysql://user:pass@localhost/dbname - for TCP connection\nmysql:/var/run/mysqld/mysqld.sock - for Unix socket connection\n```\n\n\u003e [!IMPORTANT]\n\u003e If your DSN contains special characters in any part of your connection string (including passwords), you might need to\n\u003e apply [URL encoding](https://en.wikipedia.org/wiki/URL_encoding#Reserved_characters) (percent-encoding) to them.\n\u003e For example, `p@$$w0rd#abc` then becomes `p%40%24%24w0rd%23abc`.\n\nFor additional details please refer to [xo/dburl](https://github.com/xo/dburl) documentation.\n\n## Security Features\n\nThe Helm chart provides enterprise-grade security capabilities for protecting your metrics endpoint:\n\n### TLS/HTTPS Encryption\nSecure metrics transport using TLS certificates from Kubernetes secrets. Supports TLS 1.3 with configurable cipher suites. See [tls-only example](examples/tls-only/).\n\n### Basic Authentication\nPassword-protected metrics endpoint with bcrypt-hashed credentials. Passwords are automatically hashed during pod initialization from plaintext secrets. See [auth-only example](examples/auth-only/).\n\n### Combined Security\nTLS and authentication can be used together, with support for shared or separate Kubernetes secrets for maximum flexibility. See [tls-auth example](examples/tls-auth/).\n\n### Prometheus Integration\nKubernetes-native ServiceMonitor automatically configures Prometheus for HTTPS scraping and basic authentication when enabled.\n\n\n## Miscellaneous\n\n\u003cdetails\u003e\n\u003csummary\u003eHandling NULL values\u003c/summary\u003e\n\nQueries that return `NULL` values are supported, but they are not rendered as metrics. It's useful for situations, when\nthe result set depends on some conditions, so it may be empty. Whenever a query returns `NULL` values, the exporter\nlogs a message at the `Debug` level. If your query constantly returns `NULL` values, it most likely means that you need\nto revisit your query logic.\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eMultiple database connections\u003c/summary\u003e\n\nIt is possible to run a single exporter instance against multiple database connections. In this case we need to\nconfigure `jobs` list instead of the `target` section as in the following example:\n\n```yaml\njobs:\n  - job_name: db_targets\n    collectors: [pricing_data_freshness, pricing_*]\n    enable_ping: true # Optional, true by default. Set to `false` in case you connect to pgbouncer or a data warehouse\n    static_configs:\n      - targets:\n          pg1: 'pg://db1@127.0.0.1:25432/postgres?sslmode=disable'\n          pg2: 'postgresql://username:password@pg-host.example.com:5432/dbname?sslmode=disable'\n        labels:  # Optional, arbitrary key/value pair for all targets\n          cluster: cluster1\n```\n\n, where DSN strings are assigned to the arbitrary instance names (i.e. pg1 and pg2).\n\nWe can also define multiple jobs to run different collectors against different target sets.\n\nSince v0.14, sql_exporter can be passed an optional list of job names to filter out metrics. The `jobs[]` query\nparameter may be used multiple times. In Prometheus configuration we can use this syntax under the [scrape\nconfig](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#%3Cscrape_config%3E):\n\n```yaml\n  params:\n    jobs[]:\n      - db_targets1\n      - db_targets2\n```\n\nThis might be useful for scraping targets with different intervals or any other advanced use cases, when calling all\njobs at once is undesired.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eScraping PgBouncer, ProxySQL, Clickhouse or Snowflake\u003c/summary\u003e\n\nGiven that PgBouncer is a connection pooler, it doesn't support all the commands that a regular SQL database does, so\nwe need to make some adjustments to the configuration:\n\n- add `enable_ping: false` to the metric/job configuration as PgBouncer doesn't support the ping command;\n- add `no_prepared_statement: true` to the metric/job configuration as PgBouncer doesn't support the extended query protocol;\n\nFor libpq (postgres) driver we only need to set `no_prepared_statement: true` parameter. For pgx driver, we also need to\nadd `default_query_exec_mode=simple_protocol` parameter to the DSN (for v5).\n\nBelow is an example of a metric configuration for PgBouncer:\n```yaml\n    metrics:\n      - metric_name: max_connections\n        no_prepared_statement: true\n        type: gauge\n        values: [max_connections]\n        key_labels:\n          - name\n          - database\n          - force_user\n          - pool_mode\n          - disabled\n          - paused\n          - current_connections\n          - reserve_pool\n          - min_pool_size\n          - pool_size\n          - port\n        query: |\n          SHOW DATABASES;\n\n```\n\nSame goes for ProxySQL and Clickhouse, where we need to add `no_prepared_statement: true` to the metric/job\nconfiguration, as these databases doesn't support prepared statements.\n\nIn case, you connect to a data warehouse (e.g. Snowflake) you don't want to keep online all the time (due to the extra\ncost), you might want to disable `ping` by setting `enable_ping: false`.\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eScraping timestamp value from the result set\u003c/summary\u003e\n  \nSome database drivers by default return DATE or DATETIME values as String type, whereas sql_exporter expects it to be Time.\n\nThis may result in the following error:\n```\nunsupported Scan, storing driver.Value type []uint8 into type *time.Time\n```\n\nTo resolve the issue, make sure to include `parseTime=true` as a parameter on the DSN, so values with TIMESTAMP,\nDATETIME, TIME, DATE types will end up as `time.Time` type, which is a requirement on the sql_exporter side to process\nthe value correctly.\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eUsing Secret Manager references (AWS/GCP/Vault/Kubernetes)\u003c/summary\u003e\n\nSQL Exporter supports multiple secret management backends:\n\n**Kubernetes Secrets** (for Kubernetes deployments):\n```\nk8ssecret://[namespace/]secret-name?key=field\u0026template=dsn_template\n```\nRecommended for Kubernetes deployments. Requires RBAC permissions for the service account to read secrets. See [k8s-secret example](examples/k8s-secret/) for detailed setup instructions and the Helm chart automatically creates necessary RBAC resources.\n\n**Cloud-based Secret Managers**:\nIf the database runs on AWS or Google Cloud, you might want to store the DSN in their Secret Manager services and allow SQL Exporter to access it from there. This way you can avoid hardcoding credentials in the configuration file and benefit from the security features of these services. In addition, Vault is also available as a secret manager option for SQL Exporter.\n\nThe secrets can be referenced in the configuration file as a value for `data_source_name` item using the following syntax:\n\n```\nawssecretsmanager://\u003cSECRET_NAME\u003e?region=\u003cAWS_REGION\u003e\u0026key=\u003cJSON_KEY\u003e\ngcpsecretsmanager://\u003cSECRET_NAME\u003e?project_id=\u003cGCP_PROJECT_ID\u003e\u0026key=\u003cJSON_KEY\u003e\nhashivault://\u003cMOUNT\u003e/\u003cSECRET_PATH\u003e?key=\u003cJSON_KEY\u003e\n```\n\nThe secret value can be a simple string or a JSON object. If it's a JSON object, you need to specify the `key` query parameter to indicate which value to use as the DSN. If the secret is a valid json but the key is not specified, SQL Exporter will try to use the value of `data_source_name` key by default. If a simple string, then it will be used as the DSN directly. Using JSON format gives more flexibility and allows to store additional information or multiple DSNs in the same secret resource.\n\nSecret references are supported for both single-target and jobs setups, so you can use them in both cases without any issues. Just make sure to use the correct syntax and provide the necessary parameters for the secret manager you choose. Also check the permissions and access policies for the secret manager to ensure that SQL Exporter has the necessary access to read the secrets.\n\nSecrets are only resolved at startup, so if the secret value changes, you need to restart SQL Exporter to pick up the new value. Or use the `reload` endpoint to trigger a configuration reload without restarting the process, but keep in mind that this will also reload the entire configuration, not just the secrets.\n\nFor Vault, you also need to specify the `VAULT_ADDR` and `VAULT_TOKEN` environment variables to allow SQL Exporter to authenticate. This is a regular practice and goes beyond the scope of this document, so please refer to Vault documentation for more details on how to set up and use Vault for secrets management.\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eRun as a Windows service\u003c/summary\u003e\n\nIf you run SQL Exporter from Windows, it might come in handy to register it as a service to avoid interactive sessions.\nIt is **important** to define `--config.file` parameter to load the configuration file. The other settings can be added\nas well. The registration itself is performed with Powershell or CMD (make sure you run it as Administrator):\n\nPowershell:\n\n```powershell\nNew-Service -name \"SqlExporterSvc\" `\n-BinaryPathName \"%SQL_EXPORTER_PATH%\\sql_exporter.exe --config.file %SQL_EXPORTER_PATH%\\sql_exporter.yml\" `\n-StartupType Automatic `\n-DisplayName \"Prometheus SQL Exporter\"\n```\n\nCMD:\n\n```shell\nsc.exe create SqlExporterSvc binPath= \"%SQL_EXPORTER_PATH%\\sql_exporter.exe --config.file %SQL_EXPORTER_PATH%\\sql_exporter.yml\" start= auto\n```\n\n`%SQL_EXPORTER_PATH%` is a path to the SQL Exporter binary executable. This document assumes that configuration files\nare in the same location.\n\nIn case you need a more sophisticated setup (e.g. with logging, environment variables, etc), you might want to use [NSSM](https://nssm.cc/) or\n[WinSW](https://github.com/winsw/winsw). Please consult their documentation for more details.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eUsing WinSSPI/NTLM as the authentication mechanism for MSSQL\u003c/summary\u003e\n\nIf sql_exporter is running in the same Windows domain as the MSSQL, then you can use the parameter `authenticator=winsspi` within the connection string to authenticate without any additional credentials:\n\n```\nsqlserver://@\u003cHOST\u003e:\u003cPORT\u003e?authenticator=winsspi\n```\n\nIf you want to use Windows credentials to authenticate instead of MSSQL credentials, you can use the parameter `authenticator=ntlm` within the connection string. The USERNAME and PASSWORD then corresponds\nto a Windows username and password. The Windows domain may need to be prefixed to the username with a trailing `\\`:\n\n```\nsqlserver://\u003cDOMAIN\\USERNAME\u003e:\u003cPASSWORD\u003e@\u003cHOST\u003e:\u003cPORT\u003e?authenticator=ntlm\n```\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eTLS and Basic Authentication\u003c/summary\u003e\n\nSQL Exporter supports TLS and Basic Authentication. This enables better control of the various HTTP endpoints.\n\nTo use TLS and/or Basic Authentication, you need to pass a configuration file using the `--web.config.file` parameter.\nThe format of the file is described in the\n[exporter-toolkit](https://github.com/prometheus/exporter-toolkit/blob/master/docs/web-configuration.md) repository.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eRate Limiting\u003c/summary\u003e\n\nSince v0.18.5 SQL Exporter supports rate limiting for incoming requests to the HTTP endpoints.\n\nTo use rate limiting for incoming requests, you need to pass a configuration file using the `--web.config.file`\nparameter. In the configuration file you need to specify rate limiting settings as in the example below:\n```yaml\n...\nrate_limit:\n  interval: \"1s\" # time interval between two requests, set to 0 to disable rate limiter\n  burst: 20 # and permits a burst of up to 20 requests.\n...\n```\n\nThe format of the file is described in the\n[exporter-toolkit](https://github.com/prometheus/exporter-toolkit/blob/master/docs/web-configuration.md) repository.\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eMySQL Custom TLS Certificate Support\u003c/summary\u003e\n\nSince v0.20.0 SQL Exporter supports custom TLS certificates for MySQL connections. This is useful when you have a\nself-signed certificate, a certificate from a private CA, or want to use mTLS for MySQL connections.\n\nTo use custom TLS certificates for MySQL connections, you need to add the following parameters to the DSN:\n\n1. `tls=custom` to indicate that you want to use a custom TLS configuration (required to enable custom TLS support);\n2. `tls-ca=\u003cPATH_TO_CA_CERT\u003e` to specify the path to the CA certificate file (if your certificate is self-signed or\n   from a private CA);\n3. `tls-cert=\u003cPATH_TO_CLIENT_CERT\u003e` and `tls-key=\u003cPATH_TO_CLIENT_KEY\u003e` to specify the paths to the client certificate\n   and key files if you want to use mTLS (if your MySQL server requires client authentication).\n\nThe DSN would look like this:\n```\nmysql://user:password@hostname:port/dbname?tls=custom\u0026tls-ca=/path/to/ca.pem\nmysql://user:password@hostname:port/dbname?tls=custom\u0026tls-cert=/path/to/client-cert.pem\u0026tls-key=/path/to/client-key.pem\n```\n\nThis configuration is only applied to MySQL as there is no way to provide the configuration natively. For other\ndatabases, you may want to consult their documentation on how to set up TLS connections and apply the necessary\nparameters to the DSN if it's supported by the driver.\n\nTLS Configuration is bound to the hostname+port combinations, so if there are connections using the same hostname+port\ncombination, they will share and re-use the same TLS configuration.\n\u003c/details\u003e\n\n## Support\n\nIf you have an issue using sql_exporter, please check [Discussions](https://github.com/burningalchemist/sql_exporter/discussions) or\nclosed [Issues](https://github.com/burningalchemist/sql_exporter/issues?q=is%3Aissue+is%3Aclosed) first. Chances are\nsomeone else has already encountered the same problem and there is a solution. If not, feel free to create a new\ndiscussion.\n\n## Why It Exists\n\nSQL Exporter started off as an exporter for Microsoft SQL Server, for which no reliable exporters exist. But what is\nthe point of a configuration driven SQL exporter, if you're going to use it along with 2 more exporters with wholly\ndifferent world views and configurations, because you also have MySQL and PostgreSQL instances to monitor?\n\nA couple of alternative database agnostic exporters are available:\n\n- [justwatchcom/sql_exporter](https://github.com/justwatchcom/sql_exporter);\n- [chop-dbhi/prometheus-sql](https://github.com/chop-dbhi/prometheus-sql).\n\nHowever, they both do the collection at fixed intervals, independent of Prometheus scrapes. This is partly a\nphilosophical issue, but practical issues are not all that difficult to imagine:\n\n- jitter;\n- duplicate data points;\n- collected but not scraped data points.\n\nThe control they provide over which labels get applied is limited, and the base label set spammy. And finally,\nconfigurations are not easily reused without copy-pasting and editing across jobs and instances.\n\n## Credits\n\nThis is a permanent fork of Database agnostic SQL exporter for [Prometheus](https://prometheus.io) created by\n[@free](https://github.com/free/sql_exporter).\n","funding_links":["https://github.com/sponsors/burningalchemist","https://ko-fi.com/burningalchemist"],"categories":["Go","Integrations"],"sub_categories":["Metrics and Monitoring"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fburningalchemist%2Fsql_exporter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fburningalchemist%2Fsql_exporter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fburningalchemist%2Fsql_exporter/lists"}