| From: | David G Johnston <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Audit of logout |
| Date: | 2014-06-13 16:07:42 |
| Message-ID: | 1402675662004-5807224.post@n5.nabble.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane-2 wrote
> Another answer is to make both variables PGC_SIGHUP, on the grounds
> that it doesn't make much sense for them not to be applied system-wide;
> except that I think there was some idea that logging might be enabled
> per-user or per-database using ALTER ROLE/DATABASE.
From a trouble-shooting standpoint if I know that client software in
question is focused on particular users/databases being able to only enable
connection logging for those would make sense. Whether that is a true
production concern is another matter but the possibility does exist.
I personally do not get how a logoff is a risk auditing event. Logons and
actual queries I can understand.
For the same reason keeping them separate has merit since for imaginable
circumstances the logoffs are noise but the logons are important - and
forcing them to be on/off in tandem disallows the option to remove the noise
from the logs.
David J.
--
View this message in context: http://postgresql.1045698.n5.nabble.com/Audit-of-logout-tp5806985p5807224.html
Sent from the PostgreSQL - hackers mailing list archive at Nabble.com.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fabrízio de Royes Mello | 2014-06-13 16:28:32 | Re: How to change the pgsql source code and build it?? |
| Previous Message | David Johnston | 2014-06-13 15:57:06 | Re: PL/pgSQL support to define multi variables once |