Обсуждение: Enable DB level audit trail

Поиск
Список
Период
Сортировка

Enable DB level audit trail

От
Siraj G
Дата:
Hello Admins!

How do we enable DB level audit trail in PgSQL?

Regards
Siraj

Re: Enable DB level audit trail

От
Siraj G
Дата:
Also, I would like to understand the implications of enabling the DB audit.

Appreciate the help.

Regards
Siraj

On Mon, Apr 8, 2024 at 11:30 AM Siraj G <tosiraj.g@gmail.com> wrote:
Hello Admins!

How do we enable DB level audit trail in PgSQL?

Regards
Siraj

Re: Enable DB level audit trail

От
Ron Johnson
Дата:
On Mon, Apr 8, 2024 at 2:01 AM Siraj G <tosiraj.g@gmail.com> wrote:
Hello Admins!

How do we enable DB level audit trail in PgSQL?

pgaudit.

Re: Enable DB level audit trail

От
Ron Johnson
Дата:
Lots of extra stuff in the postgresql log files.

On Mon, Apr 8, 2024 at 3:56 AM Siraj G <tosiraj.g@gmail.com> wrote:
Also, I would like to understand the implications of enabling the DB audit.

Appreciate the help.

Regards
Siraj

On Mon, Apr 8, 2024 at 11:30 AM Siraj G <tosiraj.g@gmail.com> wrote:
Hello Admins!

How do we enable DB level audit trail in PgSQL?

Regards
Siraj

Re: Enable DB level audit trail

От
Siraj G
Дата:
Thank you Ron.
Would it be good to use trigger based auditing or via pgAudit?
All we want is to capture changes in a few tables.

Regards
Siraj

On Mon, Apr 8, 2024 at 6:24 PM Ron Johnson <ronljohnsonjr@gmail.com> wrote:
Lots of extra stuff in the postgresql log files.

On Mon, Apr 8, 2024 at 3:56 AM Siraj G <tosiraj.g@gmail.com> wrote:
Also, I would like to understand the implications of enabling the DB audit.

Appreciate the help.

Regards
Siraj

On Mon, Apr 8, 2024 at 11:30 AM Siraj G <tosiraj.g@gmail.com> wrote:
Hello Admins!

How do we enable DB level audit trail in PgSQL?

Regards
Siraj

Re: Enable DB level audit trail

От
Ron Johnson
Дата:
"Audit tables" are tables just like any other table, which means they can be changed by anyone with a superuser ROLE.

pgaudit and Qradar rsyslog is how you unalterably track table changes.  That, of course, means you need the Qradar software on another server, etc, etc, etc.

But if lawyers and security compliance officers don't care... then sure, triggers and "audit tables" work just fine.  I recommend adding a timestamp and "action code" ('I'=insert, 'U'=update, 'D'=delete) to the audit tables in addition to cloning the base table's columns.

On Tue, Apr 16, 2024 at 1:32 PM Siraj G <tosiraj.g@gmail.com> wrote:
Thank you Ron.
Would it be good to use trigger based auditing or via pgAudit?
All we want is to capture changes in a few tables.

Regards
Siraj

On Mon, Apr 8, 2024 at 6:24 PM Ron Johnson <ronljohnsonjr@gmail.com> wrote:
Lots of extra stuff in the postgresql log files.

On Mon, Apr 8, 2024 at 3:56 AM Siraj G <tosiraj.g@gmail.com> wrote:
Also, I would like to understand the implications of enabling the DB audit.

Appreciate the help.

Regards
Siraj

On Mon, Apr 8, 2024 at 11:30 AM Siraj G <tosiraj.g@gmail.com> wrote:
Hello Admins!

How do we enable DB level audit trail in PgSQL?

Regards
Siraj

Re: Enable DB level audit trail

От
GF
Дата:

Il mar 16 apr 2024, 20:01 Ron Johnson <ronljohnsonjr@gmail.com> ha scritto:
"Audit tables" are tables just like any other table, which means they can be changed by anyone with a superuser ROLE.

... and trigger-based audit interferes with the transaction: think of an exception while auditing, it would rollback also the statement(s) it was tracking.

giovanni

Enable DB level audit trail

От
"Wetmore, Matthew (CTR)"
Дата:

Create a _hist table

 

From: Siraj G <tosiraj.g@gmail.com>
Sent: Tuesday, April 16, 2024 10:32 AM
To: Ron Johnson <ronljohnsonjr@gmail.com>
Cc: Pgsql-admin <pgsql-admin@lists.postgresql.org>
Subject: [EXTERNAL] Re: Enable DB level audit trail

 

Thank you Ron.

Would it be good to use trigger based auditing or via pgAudit?

All we want is to capture changes in a few tables.

 

Regards

Siraj

 

On Mon, Apr 8, 2024 at 6:24 PM Ron Johnson <ronljohnsonjr@gmail.com> wrote:

Lots of extra stuff in the postgresql log files.

 

On Mon, Apr 8, 2024 at 3:56 AM Siraj G <tosiraj.g@gmail.com> wrote:

Also, I would like to understand the implications of enabling the DB audit.

 

Appreciate the help.

 

Regards

Siraj

 

On Mon, Apr 8, 2024 at 11:30 AM Siraj G <tosiraj.g@gmail.com> wrote:

Hello Admins!

 

How do we enable DB level audit trail in PgSQL?

 

Regards

Siraj