Targets are registered and queried in the console at app.subnomic.com.
Before you start (admin)
- A host or tunnel agent must be installed on a host that can reach the database (often the database host itself,
127.0.0.1).
Register a database
- Go to Databases → New database.
- Pick the engine (PostgreSQL / MySQL / Redis / MongoDB).
- Choose the host or tunnel agent that can reach it.
- Enter host + port (e.g.
127.0.0.1:5432) and optionally a default database. - Enter the username + password — encrypted at rest and never returned by the API.
- Create.
Run queries
Open a target → Console. Type a query and press ⌘/Ctrl + Enter (or Run). Results show as a grid, capped at 1000 rows. Query syntax depends on the engine:
-- Postgres / MySQL
SELECT * FROM users LIMIT 50;
# Redis (command line)
GET mykey
HGETALL session:42
// Mongo (a JSON command document)
{ "find": "users", "filter": { "active": true }, "limit": 10 }
Read vs write
Read queries (SELECT/SHOW/EXPLAIN, Redis GET-family, Mongo find/aggregate) need
database.query_read. Anything else counts as a write and needs database.query_write.
Guardrails can further restrict specific statements (see Guardrails).
Recordings
Open a target → its recordings → a session to replay every query with timing and row counts. Query text is automatically redacted of obvious secrets; result rows are not stored.
Troubleshooting
- Connection / dial timeout — the agent can't reach host:port. Check the value and that the agent's network can reach it. From the DB host itself, use
127.0.0.1. - No agent in the picker — register a host or tunnel agent on a server that can reach the database first.
- Auth failed — the stored username/password is wrong; edit the target to re-enter them.
- A query is blocked — a guardrail denies it, or it needs
database.query_write/ approval. See Guardrails.