Robert, all,
* Robert Haas (robertmh...@gmail.com) wrote:
On Mon, May 11, 2015 at 9:07 PM, David Steele da...@pgmasters.net wrote:
The attached v12 patch removes the code that became redundant with
Alvaro committing the event trigger/deparse work. I've updated the
regression tests to
On Mon, May 11, 2015 at 9:07 PM, David Steele da...@pgmasters.net wrote:
On 5/1/15 5:58 AM, Sawada Masahiko wrote:
For now, since pg_audit patch has a pg_audit_ddl_command_end()
function which uses part of un-committed deparsing utility commands
patch API,
pg_audit patch is completely depend
On Thu, May 7, 2015 at 03:41:13PM -0400, Stephen Frost wrote:
Bruce,
What is our history of doing things in contrib because we are not sure
what we want, then moving it into core? My general recollection is that
there is usually something in the contrib version we don't want to add
to
Bruce,
* Bruce Momjian (br...@momjian.us) wrote:
On Thu, May 7, 2015 at 10:26:55AM -0400, Stephen Frost wrote:
* Peter Eisentraut (pete...@gmx.net) wrote:
On 5/4/15 8:37 PM, Stephen Frost wrote:
I don't follow this logic. The concerns raised above are about changing
our in-core
On Thu, May 7, 2015 at 10:26:55AM -0400, Stephen Frost wrote:
* Peter Eisentraut (pete...@gmx.net) wrote:
On 5/4/15 8:37 PM, Stephen Frost wrote:
I don't follow this logic. The concerns raised above are about changing
our in-core logging. We haven't got in-core auditing and so I don't
Peter,
* Peter Eisentraut (pete...@gmx.net) wrote:
On 5/7/15 10:26 AM, Stephen Frost wrote:
Auditing is about what happened whereas
statement logging is log whatever statement the user sent. pgAudit
bears this out by logging internal SQL statements and object
information, unlike what we
* Peter Eisentraut (pete...@gmx.net) wrote:
On 5/4/15 8:37 PM, Stephen Frost wrote:
I don't follow this logic. The concerns raised above are about changing
our in-core logging. We haven't got in-core auditing and so I don't see
how they apply to it.
How is session auditing
On 5/7/15 10:26 AM, Stephen Frost wrote:
Auditing is about what happened whereas
statement logging is log whatever statement the user sent. pgAudit
bears this out by logging internal SQL statements and object
information, unlike what we do with statement logging today.
I don't think this is
On 5/7/15 8:26 AM, Stephen Frost wrote:
* Peter Eisentraut (pete...@gmx.net) wrote:
On 5/4/15 8:37 PM, Stephen Frost wrote:
I don't follow this logic. The concerns raised above are about changing
our in-core logging. We haven't got in-core auditing and so I don't see
how they apply to it.
On 5/4/15 8:37 PM, Stephen Frost wrote:
I don't follow this logic. The concerns raised above are about changing
our in-core logging. We haven't got in-core auditing and so I don't see
how they apply to it.
How is session auditing substantially different from statement logging?
I think it is
* Peter Eisentraut (pete...@gmx.net) wrote:
On 4/30/15 6:05 AM, Fujii Masao wrote:
The specification of session audit logging seems to be still unclear to
me.
As I had mentioned previously, I would prefer session audit logging to
be integrated with the normal statement logging
* Peter Eisentraut (pete...@gmx.net) wrote:
On 5/4/15 3:00 PM, Stephen Frost wrote:
One particular advantage of having the extension is that having it
doesn't impact existing users of the in-core logging system. I don't
recall any specific proposals for improving the in-core logging system
On 5/4/15 3:00 PM, Stephen Frost wrote:
One particular advantage of having the extension is that having it
doesn't impact existing users of the in-core logging system. I don't
recall any specific proposals for improving the in-core logging system
to add the capabilities for session logging
On 4/30/15 6:05 AM, Fujii Masao wrote:
The specification of session audit logging seems to be still unclear to me.
As I had mentioned previously, I would prefer session audit logging to
be integrated with the normal statement logging configuration.
--
Sent via pgsql-hackers mailing list
On Fri, May 1, 2015 at 6:24 AM, David Steele da...@pgmasters.net wrote:
On 4/30/15 6:05 AM, Fujii Masao wrote:
On Thu, Apr 30, 2015 at 12:57 PM, Sawada Masahiko sawada.m...@gmail.com
wrote:
I have changed the status this to Ready for Committer.
The specification of session audit logging
On 5/1/15 5:58 AM, Sawada Masahiko wrote:
On Fri, May 1, 2015 at 6:24 AM, David Steele da...@pgmasters.net wrote:
May 15th is the feature freeze, so that does give a little time. It's
not clear to me what a self-contained part of the patch would be. If
you have specific ideas on what could
On Thu, Apr 30, 2015 at 12:57 PM, Sawada Masahiko sawada.m...@gmail.com wrote:
On Wed, Apr 29, 2015 at 12:17 AM, David Steele da...@pgmasters.net wrote:
On 4/28/15 2:14 AM, Sawada Masahiko wrote:
On Fri, Apr 24, 2015 at 3:23 AM, David Steele da...@pgmasters.net wrote:
I've also added some
On Wed, Apr 29, 2015 at 12:17 AM, David Steele da...@pgmasters.net wrote:
On 4/28/15 2:14 AM, Sawada Masahiko wrote:
On Fri, Apr 24, 2015 at 3:23 AM, David Steele da...@pgmasters.net wrote:
I've also added some checking to make sure that if anything looks funny
on the stack an error will be
On 4/28/15 2:14 AM, Sawada Masahiko wrote:
On Fri, Apr 24, 2015 at 3:23 AM, David Steele da...@pgmasters.net wrote:
I've also added some checking to make sure that if anything looks funny
on the stack an error will be generated.
Thanks for the feedback!
Thank you for updating the patch!
On Fri, Apr 24, 2015 at 3:23 AM, David Steele da...@pgmasters.net wrote:
On 4/23/15 5:49 AM, Sawada Masahiko wrote:
I'm concerned that behaviour of pg_audit has been changed at a few
times as far as I remember. Did we achieve consensus on this design?
The original author Abhijit expressed
On Mon, Apr 20, 2015 at 10:17 PM, David Steele da...@pgmasters.net wrote:
On 4/20/15 4:40 AM, Sawada Masahiko wrote:
Thank you for updating the patch.
One question about regarding since v7 (or later) patch is;
What is the different between OBJECT logging and SESSION logging?
In brief,
On 4/20/15 4:40 AM, Sawada Masahiko wrote:
Thank you for updating the patch.
One question about regarding since v7 (or later) patch is;
What is the different between OBJECT logging and SESSION logging?
In brief, session logging can log anything that happens in a user
session while object
On Thu, Apr 16, 2015 at 2:34 AM, David Steele da...@pgmasters.net wrote:
On 4/15/15 11:30 AM, Sawada Masahiko wrote:
On Wed, Apr 15, 2015 at 10:52 AM, Sawada Masahiko sawada.m...@gmail.com
wrote:
I tested v8 patch with CURSOR case I mentioned before, and got
segmentation fault again.
Here
On Wed, Apr 15, 2015 at 10:52 AM, Sawada Masahiko sawada.m...@gmail.com wrote:
On Wed, Apr 15, 2015 at 8:57 AM, David Steele da...@pgmasters.net wrote:
On 4/14/15 7:13 PM, Tatsuo Ishii wrote:
This patch does not apply cleanly due to the moving of pgbench (patch
to filelist.sgml failed).
On 4/14/15 8:37 PM, Tatsuo Ishii wrote:
BTW, in my understanding pg_audit allows to track a table access even
if it's used in a view. I think this is a nice feature and it would be
better explicitly stated in the document and the test case is better
included in the regression test.
Here is
On 4/14/15 7:13 PM, Tatsuo Ishii wrote:
This patch does not apply cleanly due to the moving of pgbench (patch
to filelist.sgml failed).
Thank you for pointing that out!
Ironic that it was the commit directly after the one I was testing with
that broke the patch. It appears the end of the last
Thank you for pointing that out!
Ironic that it was the commit directly after the one I was testing with
that broke the patch. It appears the end of the last CF is a very bad
time to be behind HEAD.
Fixed in attached v8 patch.
Thank you for your quick response.
BTW, in my understanding
On Wed, Apr 15, 2015 at 8:57 AM, David Steele da...@pgmasters.net wrote:
On 4/14/15 7:13 PM, Tatsuo Ishii wrote:
This patch does not apply cleanly due to the moving of pgbench (patch
to filelist.sgml failed).
Thank you for pointing that out!
Ironic that it was the commit directly after the
This patch does not apply cleanly due to the moving of pgbench (patch
to filelist.sgml failed).
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
Attached is the v7 pg_audit patch.
I've tried to address Peter's
On 4/6/15 5:03 PM, Alvaro Herrera wrote:
Simon Riggs wrote:
The present version can trigger an audit trail event for a statement,
without tracking the object that was being audited. This prevents you
from searching for all SQL that touches table X, i.e. we know the
statements were
On 6 April 2015 at 16:34, Peter Eisentraut pete...@gmx.net wrote:
On 2/14/15 9:34 PM, David Steele wrote:
The patch I've attached satisfies the requirements that I've had from
customers in the past.
What I'm missing is a more precise description/documentation of what
those requirements might
On 2/14/15 9:34 PM, David Steele wrote:
The patch I've attached satisfies the requirements that I've had from
customers in the past.
What I'm missing is a more precise description/documentation of what
those requirements might be.
Audit is a big word. It might imply regulatory or standards
Simon Riggs wrote:
The present version can trigger an audit trail event for a statement,
without tracking the object that was being audited. This prevents you
from searching for all SQL that touches table X, i.e. we know the
statements were generated, but not which ones they were. IMHO that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 4/6/15 4:34 PM, Peter Eisentraut wrote:
On 2/14/15 9:34 PM, David Steele wrote:
The patch I've attached satisfies the requirements that I've had
from customers in the past.
What I'm missing is a more precise description/documentation of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 4/6/15 4:47 PM, Simon Riggs wrote:
On 6 April 2015 at 16:34, Peter Eisentraut pete...@gmx.net
wrote:
Audit is a big word. It might imply regulatory or standards
compliance on some level. We already have ways to log
everything. If
On 6 April 2015 at 20:38, David Steele da...@pgmasters.net wrote:
The earlier version of pg_audit generated different output.
Specifically, it allowed you to generate output for each object
tracked; one line per object.
That discussion covers recursive SQL. That is important too, but not
what
On Fri, Apr 3, 2015 at 10:01 PM, David Steele da...@pgmasters.net wrote:
On 4/3/15 3:59 AM, Sawada Masahiko wrote:
On Thu, Apr 2, 2015 at 2:46 AM, David Steele da...@pgmasters.net wrote:
Let me know if you see any other issues.
I pulled HEAD, and then tried to compile source code after
On Fri, Apr 3, 2015 at 10:01 PM, David Steele da...@pgmasters.net wrote:
On 4/3/15 3:59 AM, Sawada Masahiko wrote:
On Thu, Apr 2, 2015 at 2:46 AM, David Steele da...@pgmasters.net wrote:
Let me know if you see any other issues.
I pulled HEAD, and then tried to compile source code after
On 4/6/15 8:40 AM, Sawada Masahiko wrote:
On Fri, Apr 3, 2015 at 10:01 PM, David Steele da...@pgmasters.net wrote:
On 4/3/15 3:59 AM, Sawada Masahiko wrote:
On Thu, Apr 2, 2015 at 2:46 AM, David Steele da...@pgmasters.net wrote:
Let me know if you see any other issues.
I pulled HEAD, and
On Thu, Apr 2, 2015 at 2:46 AM, David Steele da...@pgmasters.net wrote:
Hi Sawada,
On 3/25/15 9:24 AM, David Steele wrote:
On 3/25/15 7:46 AM, Sawada Masahiko wrote:
2.
I got ERROR when executing function uses cursor.
1) create empty table (hoge table)
2) create test function as follows.
On 4/3/15 3:59 AM, Sawada Masahiko wrote:
On Thu, Apr 2, 2015 at 2:46 AM, David Steele da...@pgmasters.net wrote:
Let me know if you see any other issues.
I pulled HEAD, and then tried to compile source code after applied
following deparsing utility command patch without #0001 and #0002.
Hi Sawada,
On 3/25/15 9:24 AM, David Steele wrote:
On 3/25/15 7:46 AM, Sawada Masahiko wrote:
2.
I got ERROR when executing function uses cursor.
1) create empty table (hoge table)
2) create test function as follows.
create function test() returns int as $$
declare
cur1 cursor for
On 3/23/15 12:40 PM, David Steele wrote:
On 3/23/15 1:31 AM, Abhijit Menon-Sen wrote:
I'm experimenting with a few approaches to do this without reintroducing
switch statements to test every command. That will require core changes,
but I think we can find an acceptable arrangement. I'll post a
On 3/25/15 7:46 AM, Sawada Masahiko wrote:
On Wed, Mar 25, 2015 at 12:23 PM, David Steele da...@pgmasters.net wrote:
On Wed, Mar 25, 2015 at 12:38 AM, David Steele da...@pgmasters.net wrote:
2. OBJECT auditing does not work before adding acl info to
pg_class.rel_acl.
In following situation,
On Wed, Mar 25, 2015 at 12:23 PM, David Steele da...@pgmasters.net wrote:
On Wed, Mar 25, 2015 at 12:38 AM, David Steele da...@pgmasters.net wrote:
2. OBJECT auditing does not work before adding acl info to
pg_class.rel_acl.
In following situation, pg_audit can not audit OBJECT log.
$ cat
On Tue, Mar 24, 2015 at 3:17 AM, Alvaro Herrera
alvhe...@2ndquadrant.com wrote:
Sawada Masahiko wrote:
I tied to look into latest patch, but got following error.
masahiko [pg_audit] $ LANG=C make
gcc -Wall -Wmissing-prototypes -Wpointer-arith
-Wdeclaration-after-statement -Wendif-labels
Hi Sawada,
Thank you for taking the time to look at the patch.
On 3/24/15 10:28 AM, Sawada Masahiko wrote:
I've applied these patchese successfully.
I looked into this module, and had a few comments as follows.
1. pg_audit audits only one role currently.
In currently code, we can not
Hi David,
Thank you for your answer!
On Wed, Mar 25, 2015 at 12:38 AM, David Steele da...@pgmasters.net wrote:
Hi Sawada,
Thank you for taking the time to look at the patch.
On 3/24/15 10:28 AM, Sawada Masahiko wrote:
I've applied these patchese successfully.
I looked into this module,
On Wed, Mar 25, 2015 at 12:38 AM, David Steele da...@pgmasters.net wrote:
2. OBJECT auditing does not work before adding acl info to pg_class.rel_acl.
In following situation, pg_audit can not audit OBJECT log.
$ cat postgresql.conf | grep audit
shared_preload_libraries = 'pg_audit'
Thanks for the review, Abhijit.
On 3/23/15 1:31 AM, Abhijit Menon-Sen wrote:
At 2015-02-24 11:22:41 -0500, da...@pgmasters.net wrote:
Patch v3 is attached.
+
+/* Function execution */
+LOG_MISC = (1 5),
The comment above LOG_MISC should be changed.
Fixed.
More fundamentally,
Sawada Masahiko wrote:
I tied to look into latest patch, but got following error.
masahiko [pg_audit] $ LANG=C make
gcc -Wall -Wmissing-prototypes -Wpointer-arith
-Wdeclaration-after-statement -Wendif-labels
-Wmissing-format-attribute -Wformat-security -fno-strict-aliasing
-fwrapv -g
On Tue, Mar 24, 2015 at 1:40 AM, David Steele da...@pgmasters.net wrote:
Thanks for the review, Abhijit.
On 3/23/15 1:31 AM, Abhijit Menon-Sen wrote:
At 2015-02-24 11:22:41 -0500, da...@pgmasters.net wrote:
Patch v3 is attached.
+
+/* Function execution */
+LOG_MISC = (1 5),
On 3/23/15 1:39 PM, Sawada Masahiko wrote:
On Tue, Mar 24, 2015 at 1:40 AM, David Steele da...@pgmasters.net wrote:
I have prepared a patch that brings event triggers and deparse back to
pg_audit based on the Alvaro's dev/deparse branch at
git://git.postgresql.org/git/2ndquadrant_bdr.git
At 2015-02-24 11:22:41 -0500, da...@pgmasters.net wrote:
Patch v3 is attached.
[…]
+/* Log class enum used to represent bits in auditLogBitmap */
+enum LogClass
+{
+ LOG_NONE = 0,
+
+ /* SELECT */
+ LOG_READ = (1 0),
+
+ /* INSERT, UPDATE, DELETE, TRUNCATE */
+
On 2/23/15 10:59 AM, David Steele wrote:
On 2/17/15 10:34 AM, Stephen Frost wrote:
There seems to be a number of places which are 'pgaudit' and a bunch
that are 'pg_audit'. I'm guessing you were thinking 'pg_audit', but
it'd be good to clean up and make them all consistent.
Fixed, though I
Hi Stephen,
Thanks for your review. All fixed except for comments below:
On 2/17/15 10:34 AM, Stephen Frost wrote:
+/*
+ * Check privileges granted indirectly via role memberships. We do this
in
+ * a separate pass to minimize expensive indirect membership tests. In
+ *
On 15 February 2015 at 02:34, David Steele da...@pgmasters.net wrote:
I've posted a couple of messages over the last few weeks about the work
I've been doing on the pg_audit extension. The lack of response could
be due to either universal acclaim or complete apathy, but in any case I
think
On 2/18/15 8:25 AM, Simon Riggs wrote:
On 15 February 2015 at 02:34, David Steele da...@pgmasters.net wrote:
I've posted a couple of messages over the last few weeks about the work
I've been doing on the pg_audit extension. The lack of response could
be due to either universal acclaim or
David,
I've CC'd Abhijit, the original author of pgaudit, as it seems likely
he'd also be interested in this.
* David Steele (da...@pgmasters.net) wrote:
I've posted a couple of messages over the last few weeks about the work
I've been doing on the pg_audit extension. The lack of response
I've posted a couple of messages over the last few weeks about the work
I've been doing on the pg_audit extension. The lack of response could
be due to either universal acclaim or complete apathy, but in any case I
think this is a very important topic so I want to give it another try.
I've
60 matches
Mail list logo
