Introducing QueryBird: A simple, secure way to access your most valuable data

In modern enterprise architecture, the most valuable data often resides in the most secure, isolated environments: Virtual Private Clouds (VPCs). Your production databases, internal APIs, and log streams hold the critical information that business teams need for analytics, operations, and real-time decision-making. The challenge is getting that data out securely and reliably to the countless external webhooks, and SaaS platforms that power the business.

QueryBird was born from a real customer need. One of our enterprise customers needed a secure, compliant way to fetch data from their clients’ VPCs without exposing any endpoints or credentials. Instead of pushing them toward a generic ETL tool, we built a tailored solution that respected their security posture and delivered the flexibility they needed. That project became the foundation of QueryBird.

Traditional methods are often a poor fit. Full-scale ETL pipelines are complex and expensive for simple, recurring tasks. Custom scripts are brittle, lack monitoring, and present security risks with hardcoded credentials. Database triggers can't reliably communicate with external endpoints.

This is the problem we built QueryBird to solve. It is a production-ready, VPC-native service designed to be the most reliable and straightforward way to schedule queries, transform the results, and deliver them to any wehook.

How does QueryBird work?

QueryBird operates on a simple principle: everything is defined in a single YAML configuration file. This file specifies the data to query, the schedule to run on, how to transform the data, and where to send it. Once configured, QueryBird deploys it as a dedicated, reliable system service.

The entire workflow is designed for security and simplicity.

• Define a Job: You create a .yml file that outlines the entire task.

• Source the Data: Write a query to fetch the data. While QueryBird excels with SQL databases like PostgreSQL and MySQL, it is architected as a universal scheduler capable of sourcing data from any source.

• Transform the Payload: Use the powerful JSONata expression language to reshape the query results into the exact format your destination API requires. This can range from simple field mapping to complex aggregations and conditional logic.

• Deliver the Output: Send the transformed data to an HTTP endpoint as a JSON payload or a CSV file upload.

• Deploy as a Service: Run a single command to install your configuration as a hardened, independent system service that runs reliably in the background.

A Practical Example: Sending Daily Analytics to a Webhook

Imagine you need to send a daily summary of new user sign-ups to an internal analytics platform every morning at 2 AM. With QueryBird, this is straightforward.

Create a configuration file:

 
jobs:
  - id: daily_user_export
    schedule: "0 2 * * *"  # 2 AM daily
    sql: |
      SELECT user_id, signup_date, last_active, plan_type
      FROM users
      WHERE created_at >= CURRENT_DATE - INTERVAL '1 day'
    transform:
      jsonata: |
        $map($, function($user) {
          {
            "user_id": $user.user_id,
            "days_active": $floor(($now() - $toMillis($user.signup_date)) / 86400000),
            "segment": $user.plan_type = "premium" ? "high_value" : "standard"
          }
        })
    output:
      http_csv:
        url: <https://api.analytics.com/upload>
        upload:
          type: multipart
          filename: daily_users.csv

Let's break this down:

schedule: A standard cron expression dictates that this job runs at 2:00 AM every day.

sql: A simple SQL query selects users created in the last day.

transform: JSONata expressions remap the database columns, calculate a new days_active field on the fly, and assign a segment based on the user's plan type.

output: The results are formatted as a multipart form upload containing a CSV file named daily_users.csv.

Then run QueryBird with a single command and watch the data flow. Simple as that.

Core Features for Enterprise Workloads

QueryBird was built from the ground up to meet enterprise requirements for security and reliability.

VPC-Native: QueryBird runs inside your VPC, initiating only outbound connections. It has zero inbound attack surface, drastically reducing security risks.

Secure Secrets Management: An interactive CLI is used to store sensitive credentials like API keys and database passwords in a permissions-restricted file. Configurations reference secrets via tags, eliminating credentials from plain text files and environment variables.

Incremental Processing: Using a watermarking strategy, QueryBird tracks the last record processed. This ensures that in the event of a restart or temporary failure, it picks up exactly where it left off, preventing data duplication.

Atomic Operations: Updates are atomic, making the system crash-safe and guaranteeing data integrity.

Isolated Services: Each configuration file is deployed as its own systemd service, ensuring that one job cannot impact another.

Resiliency: Jobs feature graceful shutdowns and exponential backoff retries for transient network or API failures.

QueryBird reflects our broader philosophy at Truto: when our customers face complex technical barriers, we don’t shy away from them. We build. Whether it’s a unique compliance constraint, or a network isolation policy, we turn those constraints into engineering opportunities.

So, when you get right down to it, getting your data from point A to point B shouldn't be a massive headache. QueryBird eliminates the friction between your secure internal data and the external APIs and platforms that drive your business forward. With QueryBird, you just describe what you need in a simple config file and let it handle the heavy lifting, so you can get back to focusing on what your data can actually do

Want it to give it a try? Schedule a quick consultation here: https://cal.com/truto/partner-with-truto