On 10/30/2017 10:55 AM, rakeshkumar464 wrote:
> Is there a way in pgaudit to mask literal sqls like the below:
>
> insert into table (col1,col2) values(1,2)
> select * from table where col1 = 1
>
> These sqls are typed by our QA folks using pgadmin. pgaudit records this
> verbatim which runs afoul of our HIPAA requirement. Prepared statements are
> not an issue since pgaudit provides a way to suppress values.
if you have a HIPAA requirement that says 'dont run manual sql
statements', then, well, DONT.
why are QA folks making changes on production databases, anyways?
thats not within their domain. QA should be working on development or
staging databases.
--
john r pierce, recycling bits in santa cruz
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general