Re: pgaudit - an auditing extension for PostgreSQL

Поиск
Список
Период
Сортировка
От Stephen Frost
Тема Re: pgaudit - an auditing extension for PostgreSQL
Дата
Msg-id 20141014192032.GC28859@tamriel.snowman.net
обсуждение исходный текст
Ответ на Re: pgaudit - an auditing extension for PostgreSQL  (Simon Riggs <simon@2ndQuadrant.com>)
Список pgsql-hackers
Дерево обсуждения 
* Simon Riggs (simon@2ndQuadrant.com) wrote:
> On 14 October 2014 13:57, Stephen Frost <sfrost@snowman.net> wrote:
>
> > Create an 'audit' role.
> >
> > Every command run by roles which are granted to the 'audit' role are
> > audited.
> >
> > Every 'select' against tables which the 'audit' role has 'select' rights
> > on are audited.  Similairly for every insert, update, delete.
>
> I think that's a good idea.
>
> We could have pg_audit.roles = 'audit1, audit2'
> so users can specify any audit roles they wish, which might even be
> existing user names.

Agreed.

> That is nice because it allows multiple completely independent
> auditors to investigate whatever they choose without discussing with
> other auditors.

Yes, also a good thought.
Thanks!
    Stephen

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Simon Riggs
Дата:
Сообщение: Re: pgaudit - an auditing extension for PostgreSQL
Следующее
От: Abhijit Menon-Sen
Дата:
Сообщение: Re: pgaudit - an auditing extension for PostgreSQL