Skip to main content
MySQL is a relational database. Connect one and investigations can run read-only SQL against it — checking the rows directly when that’s the fastest way to confirm a hypothesis, like whether a record is in the state the symptoms suggest or when a value last changed.
MySQL connects directly, with its own host and credentials. See How telemetry works for how investigations query your stack, and the telemetry overview for how data sources fit together.

What we support

Investigations query MySQL with read-only SQL. They write the query, run it for the window that matters, and read back the results — joining across tables, filtering and aggregating, and reading from tables and views.

Exploring your schema

Investigations don’t need you to describe your database. They learn its shape on their own: the tables you have, their columns and types, primary and foreign keys, and how tables relate. From there they explore progressively — starting with an overview of the database, then pulling fuller detail on the specific tables a question turns out to need, rather than loading everything up front. That keeps queries accurate against large schemas and grounded in tables that actually exist. How investigations learn and use this structure is covered in How telemetry works.
Investigations only ever read from your database — they never write. Connect with a read-only database user so that guarantee is enforced on your side, not just trusted.

Security

Investigations query your database to read from it, never to change it — and that guarantee is enforced in several independent layers rather than left to trust. Every query runs on a read-only connection. Each query runs on its own fresh connection opened in read-only transaction mode, so there’s no long-lived session that could be left in a writable state. We recommend connecting a read-only database user too, so the guarantee holds on your side as well. Every query is parsed and checked before it runs. Each query is parsed with a real MySQL parser and must be a single SELECT. Anything that writes or changes structure, bundles multiple statements into one request, or reaches a write path another way — such as a write hidden in a subquery — is rejected. Queries can’t overload your database. Every query runs under a timeout and returns a capped number of rows, so a broad or expensive query stays bounded rather than running away. Each query gets its own short-lived connection that we open, use once, and close, so we never hold idle connections open to your database — and we give up quickly on a database we can’t reach. For more on how we handle your data during AI processing, see our Trust Center.

Connecting MySQL

Connect MySQL directly with its connection details. What you’ll need:
  • The host and port of your database (port defaults to 3306).
  • The database name to connect to.
  • A username and password.
  • The TLS mode to use, and any client certificate, client key, or CA certificate your database requires. Mutual TLS is supported for environments that need it.
  1. From the Investigations settings, add a telemetry data source and choose MySQL.
  2. Enter the connection details and credentials, then test the connection.
  3. Once connected, the database is enabled for investigations. You can disable it at any time.

Best practice

  • Connect a read-only user. Investigations only ever read, and a read-only user makes that enforceable on your side.
  • Point it at a replica rather than your primary, so investigation queries never compete with production traffic.
  • Grant access to the tables investigations should see and no more. They explore only what the user can read.

Telemetry overview

How providers, capabilities, and data sources fit together.

How telemetry works

How investigations explore your schema and query your data.