Thanks for the tips Joe! After fighting with this all day, I realized while I was testing this, I was logging into the database as the "postgres" user. For some reason those actions were not being logged. But once I logged in as another superuser account I have, I saw all my ddl statements being audited in the log file. So it was working after all, but just not for the "postgres" user. Do you happen to know if that behavior is how pgaudit is supposed to work? You'd think even the "postgres" user activity would be logged as well?
On 11/20/19 8:09 AM, Dave Hughes wrote: > Hey, > Thanks for reaching out. It looks like I have that parameter set as > well. Here is a list of settings I have turned on in postgresql.conf > since I installed pgAudit: > > shared_preload_libraries = 'pgaudit' > log_destination = 'csvlog' > logging_collector = on > log_directory = '/work/PostgreSQL/10/data' > log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' > log_connections = on > log_disconnections = on > log_line_prefix = '<%m:%r:%u@%d:[%p]:>' > pgaudit.log = 'ddl' > > Is there some other setting I may be missing?
I don't see anything wrong that jumps out except perhaps the OS postgres user does not have sufficient permissions to write to '/work/PostgreSQL/10/data'.
Beyond that, please see the supplemental PDF here for an example setup instruction (section 2.2/appendix B, and possibly section 2.3 as well):
