Note
Project Status: WIP (Pet Project) ASTRON is an active experimental project specializing in high-performance SQL observability and sidecar security architectures. Featuring a Grammar-First AST engine, it moves beyond naive pattern matching to provide professional-grade tactical analysis.
Most SQL analyzers fail on nested queries, aliases, and formatting variations. They "count things" using naive string matching. ASTRON treats SQL as a language, not a string.
| Feature | Naive Analyzers | ASTRON (v8.0) |
|---|---|---|
| Nested Queries | ❌ Fails on sub-scopes | ✅ Recursive AST Traversal |
| Alias Resolution | ❌ Loses context | ✅ Full Alias Qualification |
| Intelligence | ❌ Simple counts | ✅ Tactical Forensic Advice |
| Ingestion | ❌ Single Request | ✅ Batch & File-Based Pipeline |
The Sentry Hub provides a real-time view of all network traffic, including an interactive Mermaid-driven traffic map and the forensic threat registry.
Real-time detection of high-entropy payloads and sensitive PII leaks across the network mesh.
Track global query metrics, deduplicated hashes, and provisioned instance health across your entire decentralized infrastructure.
Drill down into specific queries to visualize SQL lineage and receive Expert Tactical Advice.
ASTRON leverages sqlglot.optimizer.qualify to expand SELECT *, resolve complex table aliases, and handle Recursive CTEs. This ensures 100% accurate column mapping even in queries with 10+ joins.
Instead of just counting "Joins" or "Where clauses," ASTRON audits the AST for performance and security anti-patterns:
- Index Suppression: Flagging
UPPER(col)orDATE(col)in filters that break index seeks. - Wildcard Bloat: Detects
SELECT *patterns. - Security Tautologies: Flags redundant
1=1logic. - Cartesian Risk: Detects joins missing explicit criteria.
ASTRON v8.0 introduces native support for high-volume batch processing:
- Batch Processing: Splitting monolithic multi-statement strings into individual telemetry samples using
sqlglot.split_queries. - File Ingest: Upload
.sqldumps directly toPOST /v1/telemetry/queries/filefor instant forensic auditing.
- Boot the Mesh:
docker-compose up -d # Services: Postgres, Redis, MinIO, Elasticsearch, Gateway, Workers - Provision Your Instance:
Register an Organization and receive your Enterprise Access Token via the UI or
POST /v1/onboarding/register. - Run the Forensic Demo:
pip install -r requirements.txt python3 exporters/demo_exporter.py
- View UI: Open
frontend/index.html. All metrics and tactical insights are now live.
ASTRON is built with a Privacy-First architecture:
- Masked Signatures: Only redacted forensic signatures (e.g.,
XXXX-XXXX-1234) are stored. - Passive Sniffing: Zero-overhead network auditing that does not intercept application-level sensitive memory.
- Least Privilege: Designed to run as a sidecar with zero-trust credentials.
Licensed under the Apache License 2.0.
Author: [Ashutosh]