On Thu, 2007-10-11 at 14:53 -0400, Jonah H. Harris wrote:
> On 10/11/07, Jeff Davis <pgsql@j-davis.com> wrote:
> > Postgresql too has this functionality and it seems to be as flexible and
> > configurable as Oracle's.
>
> Not exactly. Oracle auditing uses autonomous transactions and
> actually logs attempts to change data as well as changes themselves
> whereas Postgres would only log to a table on commit. In Postgres,
> you have to specifically write a trigger which simulates an autonomous
> transaction using dblink.
>
Very true. Also, I find it awkward and difficult to do things like:
* audit data being _read_
* if using logging options to audit, it's almost impossible to separate
the audit trails from other log entries
* if auditing using a mechanism other than the postgres log, you can't
record statements, e.g. "DROP TABLE" or "ALTER USER ... PASSWORD ...".
I would like postgres to have a really good auditing system. For me,
it's one of the most important features that postgresql doesn't already
have.
Regards,
Jeff Davis