Re: pgaudit - an auditing extension for PostgreSQL

On 17 February 2015 at 14:44, Stephen Frost <sfrost(at)snowman(dot)net> wrote:

>> The patch as it is, is targeted at auditing user/application level
>> access to the database, and as such it matches the use case of auditing
>> user actions.
>
> Right, and that's a *very* worthwhile use-case.

Agreed.

So, we are still at the same place we were at 7-8 months ago: Some
people would like an AUDIT command, but this isn't it. We have neither
a design nor a developer willing to implement it (or funding to do
so). That may change in the future, but if it does, we will not have
auditing in production version of Postgres before September 2016,
earliest if we wait for that.

I vote to include pgaudit in 9.5, albeit with any changes. In
particular, David may have some changes to recommend, but I haven't
seen a spec or a patch, just a new version of code (which isn't how we
do things...).

In my understanding, the following people are in favour of pgaudit, in
some form: Simon, Yeb, David, Stephen and other developers have spoken
earlier in favour of including it.

Abhijit, Jim and Robert have voiced recent doubts of various kinds,
but there seems to be no outstanding objection to including pgaudit,
only a wish that we had something better. (Please correct me).

I'm happy to do final review and commit. Assuming we are in agreement,
what changes are needed prior to commit?

--
Simon Riggs http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, RemoteDBA, Training & Services