| From: | Abhijit Menon-Sen <ams(at)2ndQuadrant(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Ian Barwick <ian(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pgaudit - an auditing extension for PostgreSQL |
| Date: | 2014-06-24 02:49:01 |
| Message-ID: | 20140624024901.GA19519@toroid.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
At 2014-06-23 16:51:55 -0400, sfrost(at)snowman(dot)net wrote:
>
> We can't control what gets audited through the catalog and have to
> manage that outside of PG, right?
Right. I understand now.
> Are both the connected user and the current role that the command is
> running under logged?
Yes, they are. -------------------------------------+----+
| |
v v
LOG: [AUDIT],2014-04-30 17:19:54.811244+09,auditdb,ianb,ianb,ADMIN,SET,,,set role ams;
LOG: [AUDIT],2014-04-30 17:19:57.039979+09,auditdb,ianb,ams,WRITE,INSERT,VIEW,public.v_x,INSERT INTO v_x VALUES(1,2);
> I'd much rather have that in-core capability and I worry that adding
> pgaudit as an external feature now would end up preventing us from
> moving forward in this area for years to come..
OK. I've marked the patch as rejected in the CF, but of course we hope
to see further discussion about an in-core implementation for 9.5.
Thank you for your feedback.
-- Abhijit
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Janes | 2014-06-24 02:57:21 | Re: tab completion for setting search_path |
| Previous Message | Michael Paquier | 2014-06-24 02:34:38 | Re: [BUGS] BUG #10728: json_to_recordset with nested json objects NULLs columns |