CloudQuery News
Announcing the CloudQuery Tailscale Source Plugin
Update (July 2023): The Tailscale integration is now a premium integration. You can find more information about the pricing here.
Introduction #
The Tailscale source integration for CloudQuery is now officially maintained by Tailscale — big thanks to the Tailscale team!
With the new Tailscale integration you can now easily query Tailscale config and bring config data to your infrastructure/operational lake.
This way you can have all your infrastructure data in one place and correlate between different services.
As part of its initial release, the Tailscale integration supports pulling data for the following APIs:
tailscale_aclstabletailscale_devicestabletailscale_device_routestabletailscale_keystable
Let's look at a few useful queries.
Configuration #
First, let's quickly look at the source configuration for the integration. The example below syncs the
tailscale_devices table to PostgreSQL, making use of the new OAuth client to authenticate.kind: source
# Common source-plugin configuration
spec:
name: tailscale
path: /path/to/downloaded/plugin # Buy from here: https://www.cloudquery.io/hub/plugins/source/cloudquery/tailscale/latest/destinations
registry: local
version: 'PREMIUM'
tables: ['tailscale_devices']
destinations: ['postgresql']
# Tailscale specific configuration
spec:
client_id: 'YOUR_CLIENT_ID'
client_secret: '${TAILSCALE_CLIENT_SECRET}'
tailnet: 'cloudquery.io'
Example Queries #
Let's look at a few useful queries we can do just with the Tailscale tables.
Unseen devices #
Find all devices that weren't seen for more than 30 days:
select name, id, last_seen from tailscale_devices where last_seen < NOW() - INTERVAL '30 DAY';
tailnet | name | id | last_seen
---------------+-------------------------------+-------------------+---------------------
cloudquery.io | example-name.tail341.ts.net | 12345678082367896 | 2023-01-07 12:43:18
Key expiry disabled #
Find all devices with key expiry disabled
select name, id, last_seen from tailscale_devices where key_expiry_disabled;
tailnet | name | id | last_seen
---------------+-------------------------------+-------------------+---------------------
cloudquery.io | example-name.tail341.ts.net | 12345678082367896 | 2023-01-07 12:43:18
Distribution of devices #
Learn about how Tailscale client are distributed in your org across devices
select count(*), os from tailscale_devices group by os;
count | os
-------+-------
102 | macOS
103 | linux
70 | window
Find all devices of disabled Okta users #
Other cool things once you have Tailscale configuration in your database/datalake is that you can join and query it with data from other CloudQuery source integrations.
For example, the following will show all devices of users that were deactivated on Okta:
select td.tailnet, td.name, td.id, td.user, td.last_seen
from tailscale_devices td
left join okta_users ou
on td.user = ou.profile->>'email'
where ou.stats != 'ACTIVE'
Summary #
Using data from the new Tailscale source integration you can slice and dice your Tailscale data in many ways, but the examples in this post should give you a good starting point.
Want to see CloudQuery in action? Schedule a demo with our team or check out the platform documentation to learn more.
Want help getting started? Join the CloudQuery community to connect with other users and experts, or message our team directly here if you have any questions.
