Обсуждение: Audit Log Destination

Поиск
Список
Период
Сортировка

Audit Log Destination

От
"Arnold, Sandra"
Дата:
One of my security controls is to audit events.  I don't have a problem on how to do that.  However, another control is for all functionality of the PostgreSQL database to cease or stall if the directory that contains the audit logs is full.  What happens to PostgreSQL if any of the log directories are full and unable to have anything else written to it?  I have looked and cannot find anything that will tell me what happens.
 
Thanks,

Sandra Arnold
Sr. DBA
DOE/OSTI

Re: Audit Log Destination

От
Peter Eisentraut
Дата:
On Wednesday 20 May 2009 23:51:53 Arnold, Sandra wrote:
> One of my security controls is to audit events.  I don't have a problem
> on how to do that.  However, another control is for all functionality of
> the PostgreSQL database to cease or stall if the directory that contains
> the audit logs is full.  What happens to PostgreSQL if any of the log
> directories are full and unable to have anything else written to it?  I
> have looked and cannot find anything that will tell me what happens.

PostgreSQL doesn't have the concept of an "audit log". So perhaps you can
explain exactly which functionality you are using for that purpose; then we
might figure out what happens when the disk is full.

In principle, however, you can try this out yourself, by creating a limited-
size partition and pointing your log there.  That might give you a better
feeling for what exactly will happen.

Re: Audit Log Destination

От
"Arnold, Sandra"
Дата:
Actually PostgreSQL calls it logging.  I am using the "csv" form of
logging.  I am logging connections, disconnections, and statements.  I
can use this for auditing purposes.

-----Original Message-----
From: Peter Eisentraut [mailto:peter_e@gmx.net]
Sent: Wednesday, May 20, 2009 6:49 PM
To: pgsql-admin@postgresql.org
Cc: Arnold, Sandra
Subject: Re: [ADMIN] Audit Log Destination

On Wednesday 20 May 2009 23:51:53 Arnold, Sandra wrote:
> One of my security controls is to audit events.  I don't have a
problem
> on how to do that.  However, another control is for all functionality
of
> the PostgreSQL database to cease or stall if the directory that
contains
> the audit logs is full.  What happens to PostgreSQL if any of the log
> directories are full and unable to have anything else written to it?
I
> have looked and cannot find anything that will tell me what happens.

PostgreSQL doesn't have the concept of an "audit log". So perhaps you
can
explain exactly which functionality you are using for that purpose; then
we
might figure out what happens when the disk is full.

In principle, however, you can try this out yourself, by creating a
limited-
size partition and pointing your log there.  That might give you a
better
feeling for what exactly will happen.