Team,
How to connect MS SQL Server database using Telegraf input plugin without using plain password. Currently i’m using the below code in inputs.sqlserver and able to get the metrics.
Instead use this method, can i have any other options (like LDAP,etc,…)
Please provide the solution. Thanks in advance.
[[inputs.sqlserver]]
servers = [
“Server=localhost;Port=1433;User Id=telegraf;Password=xxxxxxxxxx;app name=telegraf;log=1;”
]
Hi @bala_rocky ,
So currently your options are limited in this department. Another approach you could take is saving your password in an environment variable. Though this doesn’t exactly increase security, it stops users from accidentally stumbling by your password.
Currently, it’s advised that you prepare a dedicated Telegraf user and limit its footprint to the essential requirements of the plugin. Improving Telegrafs flexibility with regards to security is always a nice topic in the community. I would advise making a feature request on GitHub outlining a few options. Hopefully one of our great community members will pick up this request.
The SQL Server input allows you to use AD authentication.
You will need to run the Telegraf process/service with an AD user that has the required privileges on the SQL Server instance.
When the username and pw are not provided in the connection string it will automatically try to use the process AD user.
here is the extract from the config that “says it” (not as clear as I’d like it to be)
## By default, the host is localhost, listening on default port, TCP 1433.
## for Windows, the user is the currently running AD user (SSO).
## See https://github.com/denisenkom/go-mssqldb for detailed connection
I’ll check and let you know when require more help. Thanks for your Response.
