Home > mailing lists

Re: [GENERAL] pg_audit to mask literal sql - Mailing list pgsql-general

From	John R Pierce
Subject	Re: [GENERAL] pg_audit to mask literal sql
Date	October 31, 2017 03:35:57
Msg-id	7fbd72e8-a50d-d637-1959-c4541ad3a291@hogranch.com Whole thread Raw
In response to	[GENERAL] pg_audit to mask literal sql (rakeshkumar464 <rakeshkumar464@outlook.com>)
Responses	Re: [GENERAL] pg_audit to mask literal sql (Rob Sargent <robjsargent@gmail.com>) Re: [GENERAL] pg_audit to mask literal sql (rakeshkumar464 <rakeshkumar464@outlook.com>) Re: [GENERAL] pg_audit to mask literal sql (rakeshkumar464 <rakeshkumar464@outlook.com>)
List	pgsql-general

Tree view

On 10/30/2017 10:55 AM, rakeshkumar464 wrote:
> Is there a way in pgaudit to mask literal sqls like the below:
>
> insert into table (col1,col2) values(1,2)
> select * from table where col1 = 1
>
> These sqls are typed by our QA folks using pgadmin. pgaudit records this
> verbatim which runs afoul of our HIPAA requirement.  Prepared statements are
> not an issue since pgaudit provides a way to suppress values.

if you have a HIPAA requirement that says 'dont run manual sql 
statements', then, well, DONT.

why are QA folks making changes on production databases, anyways?   
thats not within their domain.   QA should be working on development or 
staging databases.



-- 
john r pierce, recycling bits in santa cruz



-- 
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

pgsql-general by date:

From: "David G. Johnston"
Date: 31 October 2017, 03:10:12
Subject: Re: [GENERAL] Roles inherited from a role which is the owner of adatabase can drop it?

From: Rob Sargent
Date: 31 October 2017, 03:46:24
Subject: Re: [GENERAL] pg_audit to mask literal sql

Re: [GENERAL] pg_audit to mask literal sql - Mailing list pgsql-general

Previous

Next