# Integrate MySQL with Databox

MySQL is a widely used open-source relational database management system (RDBMS) that stores and retrieves structured data using SQL. It powers everything from small web applications to large-scale enterprise systems and is commonly deployed on-premises, in the cloud, or as a managed service such as Amazon RDS or Google Cloud SQL. Connecting MySQL to Databox lets you pull data directly from your database, build custom metrics using SQL queries, and visualize business-critical figures alongside data from your other connected tools.

## Connection

If you've already established a connection, you can [reuse](/add-a-data-source) it to add new data sources to your Databox account.

### Step 1: Create a read-only MySQL user for Databox

Databox only reads data from your database — it never writes to it. Create a dedicated MySQL user with `SELECT`-only privileges scoped to the Databox IP address.

**MySQL 8.0+ (modern syntax):**


```sql
CREATE USER 'databox'@'52.4.198.118' IDENTIFIED BY 'your_secure_password';
GRANT SELECT ON your_database.* TO 'databox'@'52.4.198.118';
FLUSH PRIVILEGES;
```

**MySQL 5.x (legacy single-statement syntax):**


```sql
GRANT SELECT ON your_database.* TO 'databox'@'52.4.198.118' IDENTIFIED BY 'your_secure_password';
FLUSH PRIVILEGES;
```

Replace `your_database` with the name of the database you want to connect, and `your_secure_password` with a strong password. If you need to grant access to multiple databases, repeat the `GRANT` statement for each one.

Avoid the following special characters in your MySQL password, as they can cause encoding issues when establishing the connection: ```, `'`, `"`, `/`, `\`, and spaces.

### Step 2: Configure MySQL to accept remote connections

By default, MySQL binds only to `localhost` (127.0.0.1) and does not accept external connections. To allow Databox to connect, update the `bind-address` setting in your MySQL configuration file.

1. Open your MySQL configuration file. The path depends on your system:
  - `/etc/mysql/my.cnf`
  - `/etc/mysql/mysql.conf.d/mysqld.cnf`
2. Locate the `bind-address` directive in the `[mysqld]` section and set it to `0.0.0.0` (all interfaces) or your server's public IP:

```ini
bind-address = 0.0.0.0
```
3. Save the file and restart the MySQL service to apply the change:

```bash
sudo systemctl restart mysql
```


If you are using a managed MySQL service (such as Amazon RDS, Google Cloud SQL, or PlanetScale), remote connectivity is typically enabled through the service's console or security group settings rather than by editing a configuration file.

### Step 3: Whitelist the Databox IP address

Open port `3306/TCP` for inbound connections from the Databox IP address `52.4.198.118` on your server's firewall or network security rules. The exact steps depend on your infrastructure:

- **Linux (iptables):** `iptables -A INPUT -s 52.4.198.118/32 -p tcp --dport 3306 -j ACCEPT`
- **AWS RDS:** In the AWS Console, add an inbound rule to your database's security group allowing TCP on port 3306 from `52.4.198.118/32`.
- **Other managed services:** Add `52.4.198.118` to your database's IP allowlist in the service's network access settings.


### Step 4: Enter your MySQL connection details in Databox

1. In Databox, go to **Data Sources > + New connection**.
2. Search for **MySQL** and click **Connect**.
3. Fill in the connection form:
  - **Data source name** — a label for this connection in Databox.
  - **Host** — the hostname or IP address of your MySQL server.
  - **Port** — the port MySQL listens on. The default is `3306`.
  - **User** — the MySQL username created in [Step 1](#step-1-create-a-read-only-mysql-user-for-databox).
  - **Password** — the password for that user.
  - **Database name** (optional) — the specific database to connect to. Leave blank to connect at the server level.
  - **Timezone** — the time zone used to interpret date values in query results. Defaults to `Etc/UTC`.
4. Select an **SSL/TLS mode** (see [SSL/TLS](#ssltls) below).
5. Click **Connect**.


connect
## SSL/TLS

Databox offers three SSL/TLS modes when connecting to a database. Choose the one that matches your server's configuration.

| Mode | Description |
|  --- | --- |
| None | The connection is made without SSL/TLS encryption. Use this only when your server does not have SSL enabled. |
| Use SSL/TLS with provider CA bundle | The connection uses SSL/TLS and authenticates the server using a regional CA bundle managed by your cloud provider (for example, Amazon RDS). When you check **Verify server certificate using regional CA bundle**, an additional **CA certificate bundle (ssl-ca)** field appears, where you can paste your provider's CA certificate. |
| Use SSL/TLS with custom certificates | The connection uses SSL/TLS with certificates you supply directly. When **Verify server certificate** is checked, you must provide a **CA certificate (ssl-ca)**. You may also supply a **Client certificate (ssl-cert)** and **Client private key (ssl-key)** for mutual TLS. If **Verify server certificate** is unchecked, only the client certificate and private key fields are shown. |


For step-by-step instructions on generating or obtaining SSL certificates and configuring them for each mode, see [Enable SSL/TLS for your database connection](/enable-ssl-tls-for-your-database-connection).

## Datasets

The MySQL integration supports the creation of [datasets](/understanding-datasets), which allow you to define and shape the specific data you want to use for reporting in Databox. Datasets make it easier to focus on the most relevant information, enabling you to filter, visualize, and analyze metrics across projects, teams, and clients without writing complex queries each time.

### Steps to create a dataset:

1. **Select a table**: Pick the appropriate schema within that database.
2. **Select columns**: Browse and select the specific columns (fields) from your tables or views to include in your dataset. These columns define the structure and content of your dataset.


### Optional: Write SQL

For more advanced use cases, you can write a **custom SQL query** instead of selecting columns manually. This allows you to:

- Join multiple tables
- Apply filters and aggregations
- Format or transform data before importing it into Databox


Your query must return a valid tabular result to be used as a dataset.

### Additional resources

- [MySQL Documentation](https://dev.mysql.com/doc/) — Official MySQL documentation hub covering installation, SQL syntax, storage engines, security, replication, and release notes for all supported versions.
- [MySQL 8.0 Reference Manual](https://dev.mysql.com/doc/refman/8.0/en/) — Complete reference for MySQL 8.0, including SQL statements, data types, functions, user management, and server configuration.


## Resources

For comprehensive details on metrics, data availability, templates, specifications, usage guidelines, and other key information, refer to the resources listed below.

Yes. Managed MySQL services are supported. Make sure the database is publicly accessible and that the Databox IP address (`52.4.198.118`) is added to the service's inbound security rules or IP allowlist. For Amazon RDS, refer to the AWS documentation for configuring SSL and network access.

Check the following in order:

1. The `bind-address` in your MySQL configuration allows external connections
2. Your firewall permits inbound TCP traffic on port `3306` from `52.4.198.118`
3. The MySQL user was created with `'databox'@'52.4.198.118'` as the host — not `'%'` or `'localhost'`. Run `FLUSH PRIVILEGES;` after any user or grant changes.


 

Ask Genie
Get instant answers or help with your data using the in-app AI assistant.

Talk to an expert
For customers: Get help with your setup, strategy, or making the most of Databox.

Book a demo
New to Databox? See how it works and get guidance on getting started.

Send an email
Reach out to support for help with your account, data, or technical issues.