Our connector pulls your PostgreSQL logs into Honeycomb for analysis, so you can analyze PostgreSQL traffic on your machines and finally get a quick handle on the database queries triggered by your application logic.
It surfaces attributes like:
- The normalized query shape
- Time spent executing the query
- Transaction ID
- Client information
- … and more!
Honeycomb is unique in its ability to calculate metrics and statistics on the fly, while retaining the full-resolution log lines (and the original query that started it all!).
This document is for running PostgreSQL directly.
If running PostgreSQL on RDS, Honeycomb offers support for ingesting RDS PostgreSQL logs via CloudWatch Logs with the option to convert these unstructured logs into structured logs. honeytail.
Configure PostgreSQL Query Logging
Before running honeytail, turn slow query logging on for all queries if possible.
To turn on slow query logging, edit your postgresql.conf and set:
log_min_duration_statement = 0
log_statement='none'
log_statement indicates which types of queries are logged, but is superseded when setting log_min_duration_statement to 0, as this effectively logs all queries.
Setting log_statement to any other value will change the format of the query logs in a way that is not currently supported by the Honeycomb PostgreSQL parser.
psql shell by running
ALTER SYSTEM SET log_min_duration_statement=0;
ALTER SYSTEM SET log_statement='none';
SELECT pg_reload_conf();
log_line_prefix configuration line. It will look something like this:
log_line_prefix = '%t [%p-%l] %q%u@%d '
Install and Run Honeytail
On your PostgreSQL host, download and install the latest honeytail by running:
deb-amd64
deb-arm64
rpm
bin-linux-amd64
bin-linux-arm64
bin-darwin-amd64
source
Download the honeytail_1.10.0_amd64.deb package.wget -q https://honeycomb.io/download/honeytail/v1.10.0/honeytail_1.10.0_amd64.deb
echo '3db441215f97eaed068aa0531c986cf5405957e3e8e26b22c16b571091caf917 honeytail_1.10.0_amd64.deb' | sha256sum -c
sudo dpkg -i honeytail_1.10.0_amd64.deb
honeytail, its config file /etc/honeytail/honeytail.conf,
and some start scripts.
Build honeytail from source if you need it in an unpackaged form or for ad-hoc use. Download the honeytail_1.10.0_arm64.deb package.wget -q https://honeycomb.io/download/honeytail/v1.10.0/honeytail_1.10.0_arm64.deb
echo '4220756e5a941cde6a484cb4cfde184eb189aaf29170df301a874eb143e960ed honeytail_1.10.0_arm64.deb' | sha256sum -c
sudo dpkg -i honeytail_1.10.0_arm64.deb
honeytail, its config file /etc/honeytail/honeytail.conf,
and some start scripts.
Build honeytail from source if you need it in an unpackaged form or for ad-hoc use. Download the honeytail_1.10.0-1.x86_64.rpm package.wget -q https://honeycomb.io/download/honeytail/v1.10.0/honeytail_1.10.0-1.x86_64.rpm
echo 'b23215a9301b20b2e2262a0823c9e761e8b57e1a62fd5cec35f697fce41fa863 honeytail_1.10.0-1.x86_64.rpm' | sha256sum -c
sudo rpm -i honeytail_1.10.0-1.x86_64.rpm
honeytail, its config file /etc/honeytail/honeytail.conf,
and some start scripts.
Build honeytail from source if you need it in an unpackaged form or for ad-hoc use. Download the 1.10.0 binary.wget -q -O honeytail https://honeycomb.io/download/honeytail/v1.10.0/honeytail-linux-amd64
echo 'c9cc7dd1aa2b12afeb30b089061870f3407d2df0119e7c2807fec648b603e2d5 honeytail' | shasum -a 256 -c
Download the 1.10.0 binary.wget -q -O honeytail https://honeycomb.io/download/honeytail/v1.10.0/honeytail-linux-arm64
echo '1dd37227788548c4ed44592554e3c90e374c4d796c444dde9f372db8618bc7fa honeytail' | shasum -a 256 -c
Download the 1.10.0 binary.wget -q -O honeytail https://honeycomb.io/download/honeytail/v1.10.0/honeytail-darwin-amd64
echo '9a3da0f48fe21b1e610ac6b63130dfb8118a9a0ec16abae13350edba02d85e4d honeytail' | shasum -a 256 -c
Clone the Honeytail repository.git clone https://github.com/honeycombio/honeytail
honeytail.
To consume the current slow query log from the beginning, run:
honeytail \
--writekey=YOUR_API_KEY \
--dataset=postgres-queries --parser=postgresql \
--postgresql.log_line_prefix=YOUR_LOG_LINE_PREFIX \
--file=/var/log/postgresql/postgresql-9.5-main.log \
--tail.read_from=beginning
Troubleshooting
Check out honeytail Troubleshooting for debugging tips.
Run Honeytail Continuously
To run honeytail continuously as a daemon process, first modify the configuration file /etc/honeytail/honeytail.conf and uncomment and set:
ParserName to postgresqlWriteKey to your API key, available from the account pageLogFiles to the path for your PostgreSQL log file.Dataset to the name of the dataset you wish to create with this log file.
Then start honeytail using upstart or systemd:
sudo initctl start honeytail
sudo systemctl start honeytail
Backfill Archived Logs
You may have archived logs that you would like to import into Honeycomb.
If you have a log file located at /var/log/postgresql/postgresql-main.log, you can backfill using this command:
honeytail \
--writekey=YOUR_API_KEY \
--dataset=PostgreSQL \
--parser=postgresql \
--file=/var/log/postgresql/postgresql-main.log \
--postgresql.log_line_prefix=YOUR_CONFIGURED_LOG_LINE_PREFIX \
--backfill
honeytail’s backfill behavior here.
honeytail does not unzip log files, so you will need to do this before backfilling.
honeytail’s PostgreSQL parser, but adding a --scrub_field=query flag to hash the concrete query value.
The normalized_query attribute will still be representative of the shape of the query, and identifying patterns including specific queries will still be possible—but the sensitive information will be completely obscured before leaving your servers.
More information about dropping or scrubbing sensitive fields can be found here.
Open Source
Honeytail is open source and Apache 2.0 licensed. 
