Skip to main content

Supported Databases

DatabaseStatusDefault Port
ClickHouseAvailable8443
PostgreSQLAvailable5432
SnowflakeAvailableAccount-based
Amazon RedshiftAvailable5439
Google BigQueryAvailableAccount-based

Creating a Connection

1

Navigate to Connections

Open the sidebar and click Connections under the Data section. Click the New Connection button.
2

Select the database type

Choose your database type from the dropdown: PostgreSQL, ClickHouse, Snowflake, Redshift, or BigQuery.
3

Enter connection details

Fill in the connection form:
FieldDescription
NameA friendly label for this connection (e.g., “Production ClickHouse”)
HostDatabase hostname or IP address
PortDatabase port (pre-filled with the default for your selected type)
DatabaseName of the database to connect to
UsernameA database user with read access
PasswordThe password for the database user
Secure (SSL/TLS)Toggle to enable encrypted connections to your database
4

Test the connection

Click Test Connection to verify that Vigilos can reach your database. See the next section for status indicators.
5

Save the connection

Click Save. Your credentials are encrypted with AES-256 before being written to storage.

Testing Connections

The Test Connection button sends a lightweight query to your database to verify connectivity and authentication. After testing, the connection shows one of the following status indicators:
StatusMeaning
ActiveConnection is working and ready to use
TestingA connection test is currently in progress
ErrorThe test failed - check your hostname, port, credentials, and network access
InactiveConnection has been disabled or has not been tested yet
If you see an Error status, verify the following:
  • The hostname and port are correct
  • The database user and password are valid
  • Your database is reachable from the internet (or from Vigilos’s network if using a private connection)
  • The specified database name exists
  • SSL/TLS settings match your database’s configuration

Security

Vigilos takes connection security seriously:
  • AES-256 encryption - credentials are encrypted immediately upon submission, before they are stored. No plaintext credentials exist in the database at any point.
  • Encrypted at rest - the encrypted credentials are stored with disk-level encryption.
  • No credential exposure - connection passwords are never returned in API responses or displayed in the UI after creation. You can update them but never view them.
Even Vigilos platform administrators cannot view your plaintext database credentials. The encryption keys are managed separately from the application database.

Network Requirements

Your database must be reachable from Vigilos’s infrastructure for queries to execute. Depending on your setup:
If your database has a public hostname or IP address, no additional configuration is needed. Ensure that your firewall allows inbound connections on the database port from Vigilos’s IP range.
For databases behind a VPN or private network, you may need to set up a secure tunnel or allowlist Vigilos’s IP addresses. Contact support for the current IP range.
We strongly recommend enabling the Secure toggle for all connections. This encrypts data in transit between Vigilos and your database, preventing interception of query data and results.Most cloud-hosted databases (AWS RDS, GCP Cloud SQL, ClickHouse Cloud) support SSL/TLS out of the box.