Re: [GENERAL] pg_audit to mask literal sql

2017-10-31 Thread Stephen Frost
Greetings, * rakeshkumar464 (rakeshkumar...@outlook.com) wrote: > By mask I mean pgaudit should log where ssn = '123-456-7891' as where ssn = > '?' Data masking really isn't part of auditing, and so even if pgaudit could do so, that wouldn't really be the right place to make it happen. There

Re: [GENERAL] pg_audit to mask literal sql

2017-10-30 Thread rakeshkumar464
By mask I mean pgaudit should log where ssn = '123-456-7891' as where ssn = '?' -- Sent from: http://www.postgresql-archive.org/PostgreSQL-general-f1843780.html -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription:

Re: [GENERAL] pg_audit to mask literal sql

2017-10-30 Thread rakeshkumar464
Yes all who interact with HIPAA data are trained for HIPAA SOP. -- Sent from: http://www.postgresql-archive.org/PostgreSQL-general-f1843780.html -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription:

Re: [GENERAL] pg_audit to mask literal sql

2017-10-30 Thread rakeshkumar464
No they do select. It is fine in HIPAA to view data which are protected, if it is part of your job. What is not fine is being careless with that protected data and let unauthorized person view that data. -- Sent from: http://www.postgresql-archive.org/PostgreSQL-general-f1843780.html --

Re: [GENERAL] pg_audit to mask literal sql

2017-10-30 Thread Rob Sargent
On 10/30/2017 03:35 PM, John R Pierce wrote: On 10/30/2017 10:55 AM, rakeshkumar464 wrote: Is there a way in pgaudit to mask literal sqls like the below: insert into table (col1,col2) values(1,2) select * from table where col1 = 1 These sqls are typed by our QA folks using pgadmin. pgaudit

Re: [GENERAL] pg_audit to mask literal sql

2017-10-30 Thread John R Pierce
On 10/30/2017 10:55 AM, rakeshkumar464 wrote: Is there a way in pgaudit to mask literal sqls like the below: insert into table (col1,col2) values(1,2) select * from table where col1 = 1 These sqls are typed by our QA folks using pgadmin. pgaudit records this verbatim which runs afoul of our

Re: [GENERAL] pg_audit to mask literal sql

2017-10-30 Thread Arthur Zakirov
On Mon, Oct 30, 2017 at 10:55:17AM -0700, rakeshkumar464 wrote: > Is there a way in pgaudit to mask literal sqls like the below: > > insert into table (col1,col2) values(1,2) > select * from table where col1 = 1 > > These sqls are typed by our QA folks using pgadmin. pgaudit records this >

[GENERAL] pg_audit to mask literal sql

2017-10-30 Thread rakeshkumar464
Is there a way in pgaudit to mask literal sqls like the below: insert into table (col1,col2) values(1,2) select * from table where col1 = 1 These sqls are typed by our QA folks using pgadmin. pgaudit records this verbatim which runs afoul of our HIPAA requirement. Prepared statements are not