Skip to main content
Sumo Logic

Collect logs and metrics from PostgreSQL

This page shows you how to configure log and metric collection for PostgreSQL, as well as providing log and query examples.

This page provides instructions for configuring log and metric collection for the Sumo Logic App for PostgreSQL.

Collection Process Overview

Configuring log and metric collection for the PostgreSQL App includes the following tasks:

Step 1: Configure Access

On your PostgreSQL database cluster, create a user that has access to following tables:

  • pg_stat_database
  • pg_stat_bgwriter
  • pg_stat_replication
  • pg_database
  • pg_locks
  • pg_stat_user_tables
  • pg_stat_user_indexes
  • pg_statio_user_indexes
  • pg_statio_user_tables
  • pg_class

Step 2: Configure Fields in Sumo Logic

Create the following Fields in Sumo Logic before configuring collection. This ensures that your logs and metrics are tagged with relevant metadata, which is required by the app dashboards. For information on setting up fields, see the Fields help page.

If you are using PostgreSQL in a  non-Kubernetes environment create the fields:

  • component
  • environment
  • db_system
  • db_cluster
  • pod

If you are using PostgreSQL in a Kubernetes environment create the fields:

  • pod_labels_component
  • pod_labels_environment
  • pod_labels_db_system
  • pod_labels_db_cluster

Step 3: Configure Collection for PostgreSQL

Sumo Logic supports collection of logs and metrics data from PostgreSQL in both Kubernetes and non-Kubernetes environments. 

Please click on the appropriate links below based on the environment where your PostgreSQL clusters are hosted.

Query Sample

This sample Query is from the Fatal Errors panel of the PostgreSQL - Overview dashboard.

Query String

_sourceCategory=/PostgreSQL/*  db_system=postgresql db_cluster={{db_cluster}} 

| json auto maxdepth 1 nodrop
| if (isEmpty(log), _raw, log) as _raw
| parse "* * * [*] *@* *:  *" as date,time,time_zone,thread_id,user,db,severity,msg 
| where severity IN ("ERROR", "FATAL")
| count by date, time, severity, db, user, msg