Re: Auditing extension for PostgreSQL (Take 2)

On Thu, Apr 30, 2015 at 12:57 PM, Sawada Masahiko <sawada(dot)mshk(at)gmail(dot)com> wrote:
> On Wed, Apr 29, 2015 at 12:17 AM, David Steele <david(at)pgmasters(dot)net> wrote:
>> On 4/28/15 2:14 AM, Sawada Masahiko wrote:
>>> On Fri, Apr 24, 2015 at 3:23 AM, David Steele <david(at)pgmasters(dot)net> wrote:
>>>> I've also added some checking to make sure that if anything looks funny
>>>> on the stack an error will be generated.
>>>>
>>>> Thanks for the feedback!
>>>>
>>>
>>> Thank you for updating the patch!
>>> I ran the postgres regression test on database which is enabled
>>> pg_audit, it works fine.
>>> Looks good to me.
>>>
>>> If someone don't have review comment or bug report, I will mark this
>>> as "Ready for Committer".
>>
>> Thank you! I appreciate all your work reviewing this patch and of
>> course everyone else who commented on, reviewed or tested the patch
>> along the way.
>>
>
> I have changed the status this to "Ready for Committer".

The specification of "session audit logging" seems to be still unclear to me.
For example, why doesn't "session audit logging" log queries accessing to
a catalog like pg_class? Why doesn't it log any queries executed in aborted
transaction state? Since there is no such information in the document,
I'm afraid that users would easily get confused with it. Even if we document it,
I'm not sure if the current behavior is good for the audit purpose. For example,
some users may want to log even queries accessing to the catalogs.

I have no idea about when the current CommitFest will end. But probably
we don't have that much time left. So I'm thinking that maybe we should pick up
small, self-contained and useful part from the patch and focus on that.
If we try to commit every features that the patch provides, we might get
nothing at least in 9.5, I'm afraid.

Regards,

--
Fujii Masao