From: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
---|---|
To: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | pg audit requirements |
Date: | 2017-11-10 07:33:30 |
Message-ID: | CAFj8pRDhRDpsZTsp7HxsBi2jh16oZXhouUA6i5qCnsnLFbXtAw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Hi
I am sending some notes, experience about usage of pgAudit.
pgAudit provides basic functionality and usually is good enough. But it is
not good enough for some applications in financial services.
The requirements:
1. structured output - attached query is not good enough - column name,
table name, schema, database, role should be separated
2. separated log (log file) with guaranteed write - fsync after every line
means significant performance issue, but fsync every 1sec (or defined
interval) is acceptable
3. security issues - not enough access rights to database object should be
processed and logged in audit log too.
Regards
Pavel
From | Date | Subject | |
---|---|---|---|
Next Message | David Rowley | 2017-11-10 07:40:04 | Re: path toward faster partition pruning |
Previous Message | Pavel Stehule | 2017-11-10 07:17:02 | Re: proposal: psql command \graw |