At 2014-06-23 16:51:55 -0400, sfrost@snowman.net wrote:
>
> We can't control what gets audited through the catalog and have to
> manage that outside of PG, right?
Right. I understand now.
> Are both the connected user and the current role that the command is
> running under logged?
Yes, they are. -------------------------------------+----+ | |
v v
LOG: [AUDIT],2014-04-30 17:19:54.811244+09,auditdb,ianb,ianb,ADMIN,SET,,,set role ams;
LOG: [AUDIT],2014-04-30 17:19:57.039979+09,auditdb,ianb,ams,WRITE,INSERT,VIEW,public.v_x,INSERT INTO v_x VALUES(1,2);
> I'd much rather have that in-core capability and I worry that adding
> pgaudit as an external feature now would end up preventing us from
> moving forward in this area for years to come..
OK. I've marked the patch as rejected in the CF, but of course we hope
to see further discussion about an in-core implementation for 9.5.
Thank you for your feedback.
-- Abhijit