Snowflake

Available for the following Plan types:

Fullstory Enterprise*

Fullstory Advanced*

Fullstory Business*

Fullstory for Mobile Apps*

Fullstory Free

*with the following add-on:

Data Destinations

Available to the following User roles:

Admin

Architect

Standard

 

Our Snowflake integration is currently available with our Data Destinations add-on feature. If you are interested in adding this integration to your account, please reach out to your account representative for more details.

Snowflake is a cloud-based data storage and analytics service that can be used as a data warehouse. We've built an integration, powered by our Data Destinations technology, that allows you to send your structured event data directly to Snowflake.

Enabling the integration (Snowflake)

Configuration

Note: To experience all of the benefits of this integration, a paid version of Snowflake is required.

We recommend that you use the names provided in the code block below. However, for simplicity, we recommend them to be unquoted identifiers.

Here is an example of how to create a secure and random password using the openssl CLI tool. This generates a pseudorandom series of 32 bytes and base64 encodes them. 

>> openssl rand -base64 32
xiuXQGOjgpByMyCmOvzkMUGo8sV7GrwF63QepqT9HdU=

Replace the blank user_password string in the script below with the output of this command.

Important Note on Data Security: Fullstory should only be granted access to read/write the data that we will be managing as part of this sync. To ensure all sensitive data remains secure, Fullstory strongly recommends creating a unique user, role and database within your data warehouse, specifically for Fullstory to access. This user and role should not be given permission to access any other data in any way. 

Setup

Once you've set the parameters, run the script below in your Snowflake Worksheet to create all of the required objects and grant the necessary privileges to the role/user that Fullstory will use to perform the data sync.

set warehouse_name = 'compute_wh';
set database_name = 'fullstory';
set role_name = 'fullstory_loader';
set user_name = 'fullstory_user';
set user_password = 'SECURE_PASSWORD';
set storage_integration = 'fullstory_gcs';

use role useradmin;
create role if not exists identifier($role_name);
create user if not exists identifier($user_name)
password = $user_password
must_change_password = false;
grant role identifier($role_name) to user identifier($user_name);

use role sysadmin;
create database if not exists identifier($database_name);
grant all on database identifier($database_name) to role identifier($role_name);
grant usage on warehouse identifier($warehouse_name) to role identifier($role_name);

use role accountadmin;
create storage integration identifier($storage_integration)
type = external_stage
storage_provider = 'GCS'
enabled = true
storage_allowed_locations = ('gcs://fullstoryapp-warehouse-sync-bundles/');
grant usage on integration identifier($storage_integration) to role identifier($role_name);
Note: Fullstory takes advantage of Snowflake's Storage integration feature to optimize how we load data into your warehouse. This does not require your Snowflake instance to be hosted in Google Cloud, nor does it require that you have a Google Cloud account. Click here to read more about storage integration. The values set for `storage_provider` and `storage_allowed_locations` in the script above should not be edited. If your region is eu1, you need to replace the storage_allowed_locations in the above script with gcs://fullstoryapp-eu1-warehouse-sync-bundles/.

Screenshot 2022-12-14 at 10.32.19 AM.png

Setting a network policy (optional)

The CIDR block for the IP addresses that Fullstory uses to connect to the provided snowflake instance are:

  • NA: 8.35.195.0/29
  • EU: 34.89.210.80/29

To create the network policy and apply it to the Fullstory snowflake user, run the following:

CREATE NETWORK POLICY FULLSTORY_POLICY SET ALLOWED_IP_LIST = ('8.35.195.0/29');
ALTER USER FULLSTORY_USER SET NETWORK_POLICY = FULLSTORY_POLICY;

Fullstory does not currently support two-factor authentication. 

Enabling the integration (Fullstory)

To start syncing, follow the steps below: 

  1. Navigate to Settings > Integrations > Data Destinations.
  2. Find the Snowflake integration and click Install.
    Screenshot 2023-01-03 at 5.13.27 PM.png
  3. As shown in the screenshot below, in the menu that appears, add in your Snowflake Account ID, Warehouse, the Database you created, Username and Password, and the Storage Integration for the new Fullstory user. The ID to use for Account ID should be the appropriate one for your region and provider. See this table for reference.
    Note: Please ensure all credentials are correctly entered. If any are incorrectly entered, the integration sync will fail.
  4. When you are ready, click Save at the bottom.
  5. After saving, you will see data start flowing into your warehouse within an hour.
Screen Shot 2022-10-11 at 9.31.06 AM.png

FAQ

Can you set up more than one Data Destination in your account?

Fullstory only allows you to set up a single Data Destination per account. If you have already activated another destination you must remove the other before you can add a new one.

Is a GCS Storage Integration mandatory?

No, you can choose the name of the integration by updating the storage_integration variable in the setup script shown above.

Need to get in touch with us?

The Fullstory Team awaits your every question.

Ask the Community Technical Support