turbot/tailscale
steampipe plugin install tailscale

Table: tailscale_tailnet - Query Tailscale Tailnet using SQL

A Tailnet in Tailscale is a private network that your devices connect to. It is a virtual network, similar to a VPN, that securely connects your devices no matter where they are located. Tailnets are easy to set up and manage, and provide a secure way to access your resources from anywhere.

Table Usage Guide

The tailscale_tailnet table provides insights into Tailnet resources within Tailscale. As a network administrator, you can use this table to get details about your private networks, including which devices are connected to them and their respective locations. This table is particularly useful for managing network access and ensuring secure connections across your devices.

Examples

Basic info

Gain insights into the configuration of your Tailscale network by analyzing the DNS settings and preferences. This query allows you to understand the network's structure and manage your system more effectively.

select
dns_nameservers,
dns_preferences,
dns_search_paths,
tailnet_name,
title
from
tailscale_tailnet;
select
dns_nameservers,
dns_preferences,
dns_search_paths,
tailnet_name,
title
from
tailscale_tailnet;

DNS Nameservers that have magicDNS enabled

Discover the segments that have the magicDNS feature enabled within the Tailscale network. This can be useful to understand which parts of your network are utilizing this feature for simplified DNS management.

select
dns_nameservers,
dns_preferences,
dns_search_paths,
tailnet_name,
title
from
tailscale_tailnet
where
dns_preferences ->> 'magicDNS' = 'true';
select
dns_nameservers,
dns_preferences,
dns_search_paths,
tailnet_name,
title
from
tailscale_tailnet
where
json_extract(dns_preferences, '$.magicDNS') = 'true';

List users in each group

Determine the areas in which users are grouped together. This can help in understanding user organization and management within your network.

select
v as user_name,
g.key as group_name
from
tailscale_tailnet,
jsonb_each(acl_groups) as g,
jsonb_array_elements_text(g.value) as v;
select
v.value as user_name,
g.key as group_name
from
tailscale_tailnet,
json_each(acl_groups) as g,
json_each(g.value) as v;

List owners of each tag

Discover the segments that show the relationship between tags and their respective owners. This is beneficial to understand ownership distribution across different tags.

select
v as owner,
g.key as tag
from
tailscale_tailnet,
jsonb_each(acl_tag_owners) as g,
jsonb_array_elements_text(g.value) as v;
select
v.value as owner,
g.key as tag
from
tailscale_tailnet,
json_each(acl_tag_owners) as g,
json_each(g.value) as v;

Schema for tailscale_tailnet

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
acl_groupsjsonbThe list of ACL groups that is currently set for the given tailnet.
acl_hostsjsonbThe list of ACL hosts that is currently set for the given tailnet.
acl_tag_ownersjsonbThe list of ACL tag owners that is currently set for the given tailnet.
dns_nameserversjsonbThe list of DNS nameservers for a tailnet.
dns_preferencesjsonbThe DNS preferences that are currently set for the given tailnet.
dns_search_pathsjsonbThe list of DNS search paths that is currently set for the given tailnet.
tailnet_nametext=The name of your tailnet.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- tailscale

You can pass the configuration to the command with the --config argument:

steampipe_export_tailscale --config '<your_config>' tailscale_tailnet