By default, Chartio sets data sources to read-only at the connection level. This provides an additional layer of security against malicious queries.
Some databases, such as Redshift, disallow the creation of variables and temporary tables when connections are set to read-only. For this reason, we allow Redshift users to disable the enforcement of read-only in their data source settings if needed.
If you are seeing an error message like “Error: Transaction is read-only”, disabling the read-only setting should resolve this issue.
Even with read-only disabled, your database is still protected from malicious queries in two ways:
- a user-provided read-only login Chartio uses to connect to your database
- Chartio’s disallowed keywords list that blocks queries with malicious keywords
Moving your database connection
If you’ve moved your database from one server to another, follow the steps below to maintain your Chartio connection.
- Make sure that the Chartio user has been added to your new database with the same credentials
- Visit your data source settings (Data sources > your data source) and switch to the Connection tab
- Enter the new hostname for your database and the current password for your Chartio user. Click Save to test the connection and save the new connection information.
Charts connected to a data source
To see your data source usage, go to your data source settings page under the General tab.
From there, you can see the “Usage” section below listing the charts, alerts, and data stores to which you have access that are using the data source.
You can also write into firstname.lastname@example.org and we can provide you with the full report of all charts using this data source.
VPN and reverse SSH tunnels
We sometimes get asked about VPNs. We currently do not support this type of connection.
VPNs are useful to bridge two different private networks. They require additional configuration of network routing rules and firewall rules.
Our reverse SSH tunnel, on the other hand, maps a single IP and port in one private network into another. Very little network routing setup is required and very few firewalls rules need to be configured.
Conversely, a poorly configured VPN could give Chartio access to every server in the private network or vice versa. In addition, AWS places limitations on the number of VPNs or peer-ed VPN networks. Meaning, it would be difficult to scale VPNs as easily as we can reverse SSH connections.
Reverse SSH should be just as secure from an encrypted tunnel perspective, with a much simpler implementation.
View more info on our tunnel connections.
Unauthorized data sources
Data sources appear as “Unauthorized” on the Data Sources settings page if you or your team have not been granted access to the data source.
You can view charts that have been created using these data sources if you have access to the charts’ parent dashboard, but you can’t query those unauthorized data sources when using Visual SQL or Data Explorer.
If you need access to a data source, please contact your administrator or a member of the Owners team. You can find members of the Owners team from the Teams page, under the ellipsis in the top main menu.
Support for stored procedures
You can execute stored procedures in our Data Explorer’s SQL Mode for any database that uses the syntax SELECT my_function(). Our ability to chart that data will depend on how the data is returned from the stored procedure.
If you have any trouble using stored procedures from within Chartio, please send us an email.
Amazon S3 Connection
We do not have a direct connection to Amazon S3, as Chartio supports primarily relational SQL databases. You will want to put the data in Amazon Redshift or an RDS instance. We can also connect to Amazon Athena where you may be able to access your S3 files.