| From: | Julien Rouhaud <rjuju123(at)gmail(dot)com> |
|---|---|
| To: | Vijaykumar Jain <vijaykumarjain(dot)github(at)gmail(dot)com> |
| Cc: | "Boyapalli, Kousal" <Kousal(dot)Boyapalli(dot)ext(at)uniper(dot)energy>, "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: user creation time for audit |
| Date: | 2021-08-30 10:23:00 |
| Message-ID: | CAOBaU_YYfR1zzVzzhpikxQk1kw7bc1+EXtQuAdY=PSwQRRaiOQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, Aug 30, 2021 at 5:24 PM Vijaykumar Jain
<vijaykumarjain(dot)github(at)gmail(dot)com> wrote:
>
> On Mon, 30 Aug 2021 at 14:39, Julien Rouhaud <rjuju123(at)gmail(dot)com> wrote:
>>
>>
>> The easy way around that is to track those events yourself with the
>> rules that suit your needs, which can be done easily using an event
>> trigger.
>
>
> Please correct me if I am missing anything, but the doc said, event triggers are not allowed on global objects.
> PostgreSQL: Documentation: 13: 39.2. Event Trigger Firing Matrix
Ah right, sorry about that.
> Anyways, I think the options were using external mechanisms to role audits, or pgaudit via statement logging ?
You could also periodically check for new user creation, or write a
dedicated module using ProcessUtility_hook which could allow you to do
something for each CREATE/DROP/ALTER ROLE (or any other utility
statement).
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mario Emmenlauer | 2021-08-30 10:53:54 | lib and share are installed differently, but why? |
| Previous Message | Vijaykumar Jain | 2021-08-30 09:23:52 | Re: user creation time for audit |