Re: pgaudit - an auditing extension for PostgreSQL

Alvaro,

* Alvaro Herrera (alvherre(at)2ndquadrant(dot)com) wrote:
> Stephen Frost wrote:
> > * Abhijit Menon-Sen (ams(at)2ndquadrant(dot)com) wrote:
> > > We have some time available to work on it, but not so much that I want
> > > to write any more code without a clearer idea of what might be accepted
> > > eventually for inclusion.
> >
> > You and me both... (see nearby discussion regarding the redesign of
> > RLS..). For my part, the nexts steps might be to consider how you'd
> > migrate what you've provided for configuration into catalog tables and
> > how we'd address the concerns raised elsewhere regarding catalog access
> > in cases where we're not in a transaction (or at least addressing those
> > areas and working out what the logging would do in those situations..).
>
> I think the whole idea of storing audit info in catalogs should go away
> entirely. There are, it seems to me, too many problems with that.

I'm completely against the notion of managing auditing requirements and
configurations which reference tables, users, and other objects which
exist in the catalog by using flat files. To me, that's ridiculous on
the face of it. Other databases have had this kind of capability as a
matter of course for decades- we are far behind in this area.

Thanks,

Stephen