* Simon Riggs (si...@2ndquadrant.com) wrote:
> I vote to include pgaudit in 9.5, albeit with any changes. In
> particular, David may have some changes to recommend, but I haven't
> seen a spec or a patch, just a new version of code (which isn't how we
> do things...).

Hrm.  I thought David's new patch actually looked quite good and it's
certainly quite a bit different from the initial patch (which didn't
seem like it was moving forward..).  Guess I'm confused how a new patch
is different from a 'new version of code' and I didn't see a spec for
either patch.  From the old thread, David had offered to submit a pull
request if there was interest and I didn't see any response...

> I'm happy to do final review and commit. Assuming we are in agreement,
> what changes are needed prior to commit?

I'm all about getting something done here for 9.5 also and would
certainly prefer to focus on that.

The recent discussion has all moved towards the approach that I was
advocating where we use GRANT simimlar to how AUDIT exists in other
RDBMS's.  Both the latest version of the code from Abhijit and David's
code do that and I found what David did quite easy to follow- no big
#ifdef blocks (something I complained about earlier but didn't see any
progress on..) and no big switch statements that would likely get
out-dated very quickly.  I'm not against going back to the code
submitted by Abhijit, if it's cleaned up and has the #ifdef blocks and
whatnot removed that were discussed previously.  I don't fault David for
moving forward though, given the lack of feedback.

Perhaps there's an issue where the classes provided by David's approach
aren't granular enough but it's certainly better than what we have
today.  The event-trigger based approach depends on as-yet-uncommitted
code, as I understand it.  I'd certainly rather have fewer audit classes
which cover everything than more audit classes which end up not covering
everything because we don't have all the deparse code or event triggers
we need completed and committed yet.

        Thanks!

                Stephen

Attachment: signature.asc
Description: Digital signature

Reply via email to