Table: tailscale_device
A Tailscale device is any computer in the Tailnet.
Examples
Basic info
select id, name, addresses, hostname, created, userfrom tailscale_device;Device count per OS
select os, count(*)from tailscale_devicegroup by osorder by count desc;Device details of a particular user
select name, id, created, expires, hostnamefrom tailscale_device dwhere d.user = 'luis@turbot.com'order by d.name;Unauthorized devices
select name, id, created, expires, hostnamefrom tailscale.tailscale_device dwhere d.authorized = false;Devices without tags
select name, id, hostnamefrom tailscale_devicewhere tags is null;Devices that block incoming connections
select name, id, os, user, created, tailnet_namefrom tailscale_devicewhere blocks_incoming_connections;External devices
select name, id, os, user, created, tailnet_namefrom tailscale_devicewhere is_external;Devices that have been inactive for the last 90 days
select name, id, os, user, created, tailnet_name, last_seenfrom tailscale_devicewhere last_seen <= (now() - interval '90' day);Devices that will expire in the next 90 days
select name, id, os, user, created, tailnet_name, expiresfrom tailscale_devicewhere expires <= (now() + interval '90' day);Devices running on older Tailscale client versions
select name, id, os, user, created, tailnet_namefrom tailscale_devicewhere update_available;Control examples
- security_best_practices_device_authorization_enabled
- security_best_practices_device_node_key_expire
- security_best_practices_device_upgrade_clients_in_timely_manner
- security_best_practices_tailnet_acl_tags_used
.inspect tailscale_device
A Tailscale Device represents the devices under a tailnet.
| Name | Type | Description |
|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. |
| addresses | jsonb | The list of device's IPs. |
| authorized | boolean | Whether the device is authorized. |
| blocks_incoming_connections | boolean | Whether the device blocks incoming connections. |
| client_version | text | Version of the client. |
| created | timestamp with time zone | Device creation time. |
| device_subnet_routes | jsonb | A list of the device subnet routes. |
| expires | timestamp with time zone | Device expiry time. |
| hostname | text | Name of the host. |
| id | text | An unique identifier of the device. |
| is_external | boolean | Whether the device is external. |
| key_expiry_disabled | boolean | Whether the key expiration is disabled. |
| last_seen | timestamp with time zone | Device last active time. |
| machine_key | text | Machine key of the device. |
| name | text | The name of the device. |
| node_key | text | Node key of the device. |
| os | text | OS information of the device. |
| tags | jsonb | The tags applied to the device. |
| tailnet_name | text | The name of your tailnet. |
| title | text | Title of the resource. |
| update_available | boolean | Whether an update is available. |
| user | text | Name of the owner of the device. |