Home > mailing lists

[HACKERS] pg audit requirements - Mailing list pgsql-hackers

From	Pavel Stehule
Subject	[HACKERS] pg audit requirements
Date	November 10, 2017 13:33:30
Msg-id	CAFj8pRDhRDpsZTsp7HxsBi2jh16oZXhouUA6i5qCnsnLFbXtAw@mail.gmail.com Whole thread Raw
Responses	Re: [HACKERS] pg audit requirements (David Steele <david@pgmasters.net>)
List	pgsql-hackers

Tree view

I am sending some notes, experience about usage of pgAudit.

pgAudit provides basic functionality and usually is good enough. But it is not good enough for some applications in financial services.

The requirements:

1. structured output - attached query is not good enough - column name, table name, schema, database, role should be separated

2. separated log (log file) with guaranteed write - fsync after every line means significant performance issue, but fsync every 1sec (or defined interval) is acceptable

3. security issues - not enough access rights to database object should be processed and logged in audit log too.

Regards

Pavel

pgsql-hackers by date:

From: Pavel Stehule
Date: 10 November 2017, 13:17:02
Subject: Re: [HACKERS] proposal: psql command \graw

From: David Rowley
Date: 10 November 2017, 13:40:04
Subject: Re: [HACKERS] path toward faster partition pruning

[HACKERS] pg audit requirements - Mailing list pgsql-hackers

Previous

Next