Re: [GENERAL] pg_audit to mask literal sql - Mailing list pgsql-general

From Stephen Frost
Subject Re: [GENERAL] pg_audit to mask literal sql
Msg-id 20171031120839.GT4628@tamriel.snowman.net
In response to Re: [GENERAL] pg_audit to mask literal sql  (rakeshkumar464 <rakeshkumar464@outlook.com>)
List pgsql-general
Greetings,

* rakeshkumar464 (rakeshkumar464@outlook.com) wrote:
> By mask I mean pgaudit should log where ssn = '123-456-7891' as where ssn =
> '?'

Data masking really isn't part of auditing, and so even if pgaudit could
do so, that wouldn't really be the right place to make it happen.

There have been discussions about data masking previously but they
haven't really led anywhere.  Having proper auditing capabilities built
into the backend and then a way to classify errors (such as syntax error
or other issue where we couldn't tell what the query actually was due to
a user fat-fingering something) as 'not to be logged' would at least get
us closer to your goal of not wanting sensitive data in the log files,
but PG isn't there yet.

That said, there are quite a few people who do use PG with HIPAA and
address the requirements required for it in other ways (as discussed
elsewhere on this thread).

Thanks!

Stephen
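
Added example, not part of the message above and not a pgaudit feature: a sketch of masking literals as a post-processing step on log lines outside the database, including the malformed-statement case the message raises, where the masker cannot tell where a literal ends and has to fail closed. `mask_literals` is a hypothetical name, the sample statements are constructed, and the code assumes standard_conforming_strings is on and does not handle dollar-quoted strings, E'' escapes or SQL comments.

```python
import re

# Tokens that matter for masking. Everything between tokens is plain SQL text.
_TOKEN = re.compile(
    r'"(?:[^"]|"")*"'      # quoted identifier: kept as is
    r"|'(?:[^']|'')*'"     # string literal ('' is an embedded quote): masked
    r"|[\"']"              # stray quote: something is unterminated
)
# Bare numbers, but not $1 parameters or digits inside names such as t1.
_NUMBER = re.compile(r"(?<![\w$.])\d+(?:\.\d+)?(?![\w.])")


def mask_literals(statement: str) -> str:
    """Return the statement with string and numeric literals replaced by ?."""
    out, pos = [], 0
    for m in _TOKEN.finditer(statement):
        out.append(_NUMBER.sub("?", statement[pos:m.start()]))
        tok = m.group()
        if len(tok) == 1:
            # Unterminated quote (typo, truncated line): the end of the
            # literal is unknown, so drop the rest instead of guessing.
            out.append(tok + "?<unterminated, rest redacted>")
            return "".join(out)
        out.append(tok if tok[0] == '"' else "'?'")
        pos = m.end()
    out.append(_NUMBER.sub("?", statement[pos:]))
    return "".join(out)


if __name__ == "__main__":
    # Constructed sample statements, not taken from any real log.
    samples = [
        "select * from t where ssn = '123-456-7891'",
        "select * from t where name = 'O''Brien' and id = 42",
        "select * from t where ssn = '123-456-7891",
    ]
    for s in samples:
        print(mask_literals(s))
```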
