From eed141e7452715cc50cc5d71112faf0d752a665d Mon Sep 17 00:00:00 2001 From: Mike Peralta Date: Fri, 10 Apr 2026 13:27:37 -0400 Subject: [PATCH] Improve clarity of DBM Amazon Aurora Postgres setup page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Split config parameters table into Required/Optional sections - Add explicit heading for explain plan function - Fix 9.6 Verify tab to use function form (was identical to ≥10 tab) - Rename sections: "Verify database permissions" and "Verify Agent setup" - Simplify Grant intro paragraph; fix passive voice - Add missing period to Troubleshooting sentence Co-Authored-By: Claude Sonnet 4.6 --- .../setup_postgres/aurora.md | 39 ++++++++++++------- 1 file changed, 25 insertions(+), 14 deletions(-) diff --git a/content/en/database_monitoring/setup_postgres/aurora.md b/content/en/database_monitoring/setup_postgres/aurora.md index 899282cfef3..a53aa1270db 100644 --- a/content/en/database_monitoring/setup_postgres/aurora.md +++ b/content/en/database_monitoring/setup_postgres/aurora.md @@ -32,7 +32,7 @@ Performance impact Database Monitoring runs as an integration on top of the base Agent ([see benchmarks][1]). Proxies, load balancers, and connection poolers -: The Datadog Agent must connect directly to the host being monitored. For self-hosted databases, `127.0.0.1` or the socket is preferred. The Agent should not connect to the database through a proxy, load balancer, connection pooler such as `pgbouncer`, or the **Aurora cluster endpoint**. If connected to the cluster endpoint, the Agent collects data from one random replica, and only provides visibility into that replica. If the Agent connects to different hosts while it is running (as in the case of failover, load balancing, and so on), the Agent calculates the difference in statistics between two hosts, producing inaccurate metrics. +: The Datadog Agent must connect directly to the host being monitored. For self-hosted databases, use `127.0.0.1` or the socket. The Agent should not connect to the database through a proxy, load balancer, connection pooler such as `pgbouncer`, or the **Aurora cluster endpoint**. If connected to the cluster endpoint, the Agent collects data from one random replica, and only provides visibility into that replica. If the Agent connects to different hosts while it is running (as in the case of failover, load balancing, and so on), the Agent calculates the difference in statistics between two hosts, producing inaccurate metrics. Data security considerations : See [Sensitive information][2] for information about what data the Agent collects from your databases and how to ensure it is secure. @@ -41,23 +41,30 @@ Data security considerations Configure the following [parameters][3] in the [DB parameter group][4] and then **restart the server** for the settings to take effect. For more information about these parameters, see the [Postgres documentation][5]. +**Required parameters** + | Parameter | Value | Description | | --- | --- | --- | | `shared_preload_libraries` | `pg_stat_statements` | Required for `postgresql.queries.*` metrics. Enables collection of query metrics using the [pg_stat_statements][5] extension. On by default in Aurora. | | `track_activity_query_size` | `4096` | Required for collection of larger queries. Increases the size of SQL text in `pg_stat_activity`. If left at the default value then queries longer than `1024` characters will not be collected. | -| `pg_stat_statements.track` | `ALL` | Optional. Enables tracking of statements within stored procedures and functions. | -| `pg_stat_statements.max` | `10000` | Optional. Increases the number of normalized queries tracked in `pg_stat_statements`. This setting is recommended for high-volume databases that see many different types of queries from many different clients. | -| `pg_stat_statements.track_utility` | `off` | Optional. Disables utility commands like PREPARE and EXPLAIN. Setting this value to `off` means only queries like SELECT, UPDATE, and DELETE are tracked. | -| `track_io_timing` | `on` | Optional. Enables collection of block read and write times for queries. | + +**Optional parameters** + +| Parameter | Value | Description | +| --- | --- | --- | +| `pg_stat_statements.track` | `ALL` | Enables tracking of statements within stored procedures and functions. | +| `pg_stat_statements.max` | `10000` | Increases the number of normalized queries tracked in `pg_stat_statements`. Recommended for high-volume databases that see many different types of queries from many different clients. | +| `pg_stat_statements.track_utility` | `off` | Disables utility commands like PREPARE and EXPLAIN. Setting this value to `off` means only queries like SELECT, UPDATE, and DELETE are tracked. | +| `track_io_timing` | `on` | Enables collection of block read and write times for queries. | ## Grant the Agent access -The Datadog Agent requires read-only access to the database server in order to collect statistics and queries. +The Datadog Agent requires read-only access to the database server to collect statistics and queries. -The following SQL commands should be executed on the **primary** database server (the writer) in the cluster if Postgres is replicated. Choose a PostgreSQL database on the database server for the Agent to connect to. The Agent can collect telemetry from all databases on the database server regardless of which one it connects to, so a good option is to use the default `postgres` database. Choose a different database only if you need the Agent to run [custom queries against data unique to that database][6]. +Run the following SQL commands on the **primary** database server (the writer) in the cluster if Postgres is replicated. The Agent can collect telemetry from all databases on the server regardless of which database it connects to. Use the default `postgres` database unless you need the Agent to run [custom queries against data unique to a different database][6]. -Connect to the chosen database as a superuser (or another user with sufficient permissions). For example, if your chosen database is `postgres`, connect as the `postgres` user using [psql][7] by running: +Connect to your chosen database as a superuser (or another user with sufficient permissions). For example, to connect to the `postgres` database using [psql][7]: ```bash psql -h mydb.example.com -d postgres -U postgres @@ -69,7 +76,7 @@ Create the `datadog` user: CREATE USER datadog WITH password ''; ``` -**Note:** IAM authentication is also supported. Please see [the guide][14] on how to configure this for your Aurora instance. +**Note:** IAM authentication is also supported. See [the guide][14] on how to configure this for your Aurora instance. {{< tabs >}} {{% tab "Postgres ≥ 10" %}} @@ -115,7 +122,9 @@ SECURITY DEFINER;
For data collection or custom metrics that require querying additional tables, you may need to grant the SELECT permission on those tables to the datadog user. Example: grant SELECT on <TABLE_NAME> to datadog;. See PostgreSQL custom metric collection for more information.
-Create the function **in every database** to enable the Agent to collect explain plans. +### Create the explain plan function + +Create the following function **in every database** to enable the Agent to collect explain plans: ```SQL CREATE OR REPLACE FUNCTION datadog.explain_statement( @@ -145,7 +154,7 @@ SECURITY DEFINER; ### Securely store your password {{% dbm-secret %}} -### Verify +### Verify database permissions To verify the permissions are correct, run the following commands to confirm the Agent user is able to connect to the database and read the core tables: @@ -175,11 +184,11 @@ psql -h localhost -U datadog postgres -A \ && echo -e "\e[0;32mPostgres connection - OK\e[0m" \ || echo -e "\e[0;31mCannot connect to Postgres\e[0m" psql -h localhost -U datadog postgres -A \ - -c "select * from pg_stat_activity limit 1;" \ + -c "select * from datadog.pg_stat_activity() limit 1;" \ && echo -e "\e[0;32mPostgres pg_stat_activity read OK\e[0m" \ || echo -e "\e[0;31mCannot read from pg_stat_activity\e[0m" psql -h localhost -U datadog postgres -A \ - -c "select * from pg_stat_statements limit 1;" \ + -c "select * from datadog.pg_stat_statements() limit 1;" \ && echo -e "\e[0;32mPostgres pg_stat_statements read OK\e[0m" \ || echo -e "\e[0;31mCannot read from pg_stat_statements\e[0m" ``` @@ -509,11 +518,13 @@ To avoid exposing the `datadog` user's password in plain text, use the Agent's [ {{% /tab %}} {{< /tabs >}} -### Validate +### Verify Agent setup [Run the Agent's status subcommand][10] and look for `postgres` under the Checks section. Or visit the [Databases][11] page to get started! + ## Example Agent Configurations {{% dbm-postgres-agent-config-examples %}} + ## Install the RDS Integration To see infrastructure metrics from AWS, such as CPU, alongside the database telemetry directly in DBM, install the [RDS integration][12] (optional).