On 14 October 2014 13:57, Stephen Frost wrote:
> Create an 'audit' role.
>
> Every command run by roles which are granted to the 'audit' role are
> audited.
>
> Every 'select' against tables which the 'audit' role has 'select' rights
> on are audited. Similairly for every insert, update, delete.
Abhijit,
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> As before, the pgaudit code is at https://github.com/2ndQuadrant/pgaudit
> I did a quick round of testing to make sure things still work.
Thanks!
I had a very interesting discussion about auditing rules and the need to
limit what gets
At 2014-10-14 18:05:00 +0530, a...@2ndquadrant.com wrote:
>
> As before, the pgaudit code is at
> https://github.com/2ndQuadrant/pgaudit
Sorry, I forgot to attach the tarball.
-- Abhijit
pgaudit.tar.gz
Description: Binary data
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.o
Hi.
As before, the pgaudit code is at https://github.com/2ndQuadrant/pgaudit
I did a quick round of testing to make sure things still work.
I'll re-add it to the next CF now.
-- Abhijit
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
From: "Simon Riggs"
I hope we can get pgAudit in as a module for 9.5. I also hope that it
will stimulate the requirements/funding of further work in this area,
rather than squash it. My feeling is we have more examples of feature
sets that grow over time (replication, view handling, hstore/JSONB
On Wed, Oct 8, 2014 at 2:55 AM, David Fetter wrote:
>
> On Wed, Oct 08, 2014 at 12:41:46AM -0300, Fabrízio de Royes Mello wrote:
> > On Wed, Oct 8, 2014 at 12:36 AM, Josh Berkus wrote:
> > >
> > > On 10/07/2014 09:44 AM, Fabrízio de Royes Mello wrote:
> > > > We can think in a mechanism to create
On 14/10/09 7:06, Stephen Frost wrote:
> * Fabrízio de Royes Mello (fabriziome...@gmail.com) wrote:
>> On Tue, Oct 7, 2014 at 1:24 PM, Simon Riggs wrote:
>>> I hope we can get pgAudit in as a module for 9.5. I also hope that it
>>> will stimulate the requirements/funding of further work in this ar
* Fabrízio de Royes Mello (fabriziome...@gmail.com) wrote:
> On Tue, Oct 7, 2014 at 1:24 PM, Simon Riggs wrote:
> > I hope we can get pgAudit in as a module for 9.5. I also hope that it
> > will stimulate the requirements/funding of further work in this area,
> > rather than squash it. My feeling
On Wed, Oct 08, 2014 at 12:41:46AM -0300, Fabrízio de Royes Mello wrote:
> On Wed, Oct 8, 2014 at 12:36 AM, Josh Berkus wrote:
> >
> > On 10/07/2014 09:44 AM, Fabrízio de Royes Mello wrote:
> > > We can think in a mechanism to create "properties / options" and assign
> it
> > > to objects (table,
On Wed, Oct 8, 2014 at 12:36 AM, Josh Berkus wrote:
>
> On 10/07/2014 09:44 AM, Fabrízio de Royes Mello wrote:
> > We can think in a mechanism to create "properties / options" and assign
it
> > to objects (table, index, column, schema, ...) like COMMENT does.
> >
> > A quickly thought:
> >
> > CRE
On 10/07/2014 09:44 AM, Fabrízio de Royes Mello wrote:
> We can think in a mechanism to create "properties / options" and assign it
> to objects (table, index, column, schema, ...) like COMMENT does.
>
> A quickly thought:
>
> CREATE OPTION [ IF NOT EXISTS ] name
> VALIDATOR valfunction
>
On Tue, Oct 7, 2014 at 1:24 PM, Simon Riggs wrote:
>
> On 31 July 2014 22:34, Stephen Frost wrote:
> > * Tom Lane (t...@sss.pgh.pa.us) wrote:
> >> Stephen Frost writes:
> >> > * Bruce Momjian (br...@momjian.us) wrote:
> >> >> Actually, thinking more, Stephen Frost mentioned that the auditing
> >
On Tue, Oct 7, 2014 at 12:24 PM, Simon Riggs wrote:
> I spoke with Robert about a year ago that the patch he was most proud
> of was the reloptions abstraction. Whatever we do in the future,
> keeping metadata in a slightly more abstract form is very useful.
To slightly correct the record, I beli
Simon,
* Simon Riggs (si...@2ndquadrant.com) wrote:
> On 31 July 2014 22:34, Stephen Frost wrote:
> > There was a pretty good thread regarding reloptions and making it so
> > extensions could use them which seemed to end up with a proposal to turn
> > 'security labels' into a more generic metadat
On 31 July 2014 22:34, Stephen Frost wrote:
> * Tom Lane (t...@sss.pgh.pa.us) wrote:
>> Stephen Frost writes:
>> > * Bruce Momjian (br...@momjian.us) wrote:
>> >> Actually, thinking more, Stephen Frost mentioned that the auditing
>> >> system has to modify database _state_, and dumping/restoring
* Tom Lane (t...@sss.pgh.pa.us) wrote:
> Stephen Frost writes:
> > * Bruce Momjian (br...@momjian.us) wrote:
> >> Actually, thinking more, Stephen Frost mentioned that the auditing
> >> system has to modify database _state_, and dumping/restoring the state
> >> of an extension might be tricky.
>
* Robert Haas (robertmh...@gmail.com) wrote:
> On Wed, Jul 30, 2014 at 2:49 PM, Alvaro Herrera
> wrote:
> > I think you're making too much of this upgrade issue.
>
> +1.
Alright- if everyone feels that there won't be any migration issues then
I'll drop that concern.
Thanks,
On Wed, Jul 30, 2014 at 2:49 PM, Alvaro Herrera
wrote:
> I think you're making too much of this upgrade issue.
+1.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes
On Wed, Jul 30, 2014 at 02:49:25PM -0400, Alvaro Herrera wrote:
> Stephen Frost wrote:
> > * Bruce Momjian (br...@momjian.us) wrote:
> > > Actually, thinking more, Stephen Frost mentioned that the auditing
> > > system has to modify database _state_, and dumping/restoring the state
> > > of an exte
Stephen Frost writes:
> What I wish to avoid is the situation which exists around hstore.
> Perhaps I've got this wrong, but my recollection of the discussion
> leads me to believe that we can't have hstore in core becasue there's
> no simple migration path from an hstore-enabled installation to
Alvaro,
* Alvaro Herrera (alvhe...@2ndquadrant.com) wrote:
> Stephen Frost wrote:
> > This is really true of any extension which wants to attach information
> > or track things associated with roles or other database objects. What
> > I'd like to avoid is having an extension which does so through
Stephen Frost writes:
> * Bruce Momjian (br...@momjian.us) wrote:
>> Actually, thinking more, Stephen Frost mentioned that the auditing
>> system has to modify database _state_, and dumping/restoring the state
>> of an extension might be tricky.
> This is really true of any extension which wants
* Bruce Momjian (br...@momjian.us) wrote:
> I think someone could write a Perl script that you run before the
> upgrade to create SQL commands to restore the audit settings.
Is pg_upgrade going to detect that pgaudit is installed and know to run
this perl script? I don't doubt that it'd be possib
Stephen Frost wrote:
> * Bruce Momjian (br...@momjian.us) wrote:
> > Actually, thinking more, Stephen Frost mentioned that the auditing
> > system has to modify database _state_, and dumping/restoring the state
> > of an extension might be tricky.
>
> This is really true of any extension which wan
On Wed, Jul 30, 2014 at 02:29:47PM -0400, Stephen Frost wrote:
> Using auditing as an example, consider this scenario:
>
> pgaudit grows a table which is used to say "only audit roles X, Y, Z"
> (or specific tables, or connections from certain IPs, etc).
>
> A patch for PG 10.1 is proposed
* Bruce Momjian (br...@momjian.us) wrote:
> Actually, thinking more, Stephen Frost mentioned that the auditing
> system has to modify database _state_, and dumping/restoring the state
> of an extension might be tricky.
This is really true of any extension which wants to attach information
or track
On Tue, Jul 29, 2014 at 09:08:38AM -0400, Bruce Momjian wrote:
> On Thu, Jun 26, 2014 at 09:59:59AM -0400, Stephen Frost wrote:
> > Simon,
> >
> > * Simon Riggs (si...@2ndquadrant.com) wrote:
> > > "Which tables are audited" would be available via the reloptions
> > > field.
> >
> > RLS could be
On Thu, Jun 26, 2014 at 09:59:59AM -0400, Stephen Frost wrote:
> Simon,
>
> * Simon Riggs (si...@2ndquadrant.com) wrote:
> > "Which tables are audited" would be available via the reloptions
> > field.
>
> RLS could be implemented through reloptions too. Would it be useful to
> some people? Lik
Simon,
* Simon Riggs (si...@2ndquadrant.com) wrote:
> On 1 July 2014 18:32, Stephen Frost wrote:
> > Having functions to control the auditing would work, but it's not
> > exactly the ideal approach, imv, and
>
> What aspect is less than ideal?
I certainly don't like passing table names to funct
On Wed, Jul 2, 2014 at 5:19 AM, Simon Riggs wrote:
> On 1 July 2014 18:32, Stephen Frost wrote:
>> Having functions to control the auditing would work, but it's not
>> exactly the ideal approach, imv, and
>
> What aspect is less than ideal?
>
>> the only reason it's being
>> discussed here is bec
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> I foresee lots of disappointment, then. I don't think even Stephen is
> advocating NIST-compliance as the *baseline* for serious auditing in
> core, just that we need a design that lets us get there sometime.
Agreed. I'm not suggesting that we m
On 1 July 2014 18:32, Stephen Frost wrote:
> Having functions to control the auditing would work, but it's not
> exactly the ideal approach, imv, and
What aspect is less than ideal?
> the only reason it's being
> discussed here is because it might be a way to allow an extension to
> provide the
At 2014-07-01 21:39:27 +0900, maumau...@gmail.com wrote:
>
> Won't it be burden and a headache to maintain pgaudit code when it
> becomes obsolete in the near future?
Maybe it's a bit unfair to single out this statement to respond to,
because it seems at best tangential to your larger point, but:
At 2014-06-30 10:59:22 -0400, robertmh...@gmail.com wrote:
>
> That means we need some review of the patch for what it is, which
> there hasn't been much of, yet.
Regardless of the eventual fate of pgaudit, we'd certainly welcome some
review of the code.
-- Abhijit
--
Sent via pgsql-hackers ma
Simon,
* Simon Riggs (si...@2ndquadrant.com) wrote:
> On 30 June 2014 16:20, Stephen Frost wrote:
> > eh? The focus of this patch is to add auditing to PG and having very
> > clearly drawn auditing requirements of a very large customer isn't
> > relevant? I don't follow that logic at all. In f
On 30 June 2014 16:20, Stephen Frost wrote:
> * Robert Haas (robertmh...@gmail.com) wrote:
>> On Mon, Jun 30, 2014 at 9:39 AM, Stephen Frost wrote:
>> >> I think the fact that pgaudit does X and you think it should do Y is a
>> >> perfect example of why we're nowhere close to being ready to push
I'm sorry to interrupt you, but I feel strong sympathy with Stephen-san.
From: "Robert Haas"
I don't think that's a valid objection. If we someday have auditing
in core, and if it subsumes what pgaudit does, then whatever
interfaces pgaudit implements can be replaced with wrappers around the
c
* Robert Haas (robertmh...@gmail.com) wrote:
> On Mon, Jun 30, 2014 at 9:39 AM, Stephen Frost wrote:
> >> I think the fact that pgaudit does X and you think it should do Y is a
> >> perfect example of why we're nowhere close to being ready to push
> >> anything into core. We may very well want to
On Mon, Jun 30, 2014 at 9:39 AM, Stephen Frost wrote:
>> I think the fact that pgaudit does X and you think it should do Y is a
>> perfect example of why we're nowhere close to being ready to push
>> anything into core. We may very well want to do that someday, but not
>> yet.
>
> That's fine- bu
Abhijit,
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> At 2014-06-30 09:39:29 -0400, sfr...@snowman.net wrote:
> > I certainly don't feel like it's the solution which extension authors
> > are looking for and will be happy with
>
> I don't know if there are any other extension authors invol
At 2014-06-30 09:39:29 -0400, sfr...@snowman.net wrote:
>
> I certainly don't feel like it's the solution which extension authors
> are looking for and will be happy with
I don't know if there are any other extension authors involved in this
discussion, but I'm not shedding any tears over the idea
Robert,
* Robert Haas (robertmh...@gmail.com) wrote:
> On Fri, Jun 27, 2014 at 2:23 PM, Stephen Frost wrote:
> > I don't exactly see how an extension or contrib module is going to be
> > able to have a reasonable catalog structure which avoids the risk that
> > renaming an object (role, schema, t
On Fri, Jun 27, 2014 at 2:23 PM, Stephen Frost wrote:
>> I disagree with Stephen's proposal that this should be in core, or
>> that it needs its own dedicated syntax. I think contrib is a great
>> place for extensions like this. That makes it a whole lot easier for
>> people to develop customize
Robert,
* Robert Haas (robertmh...@gmail.com) wrote:
> I agree with Stephen's statement that the audit configuration
> shouldn't be managed in flat files. If somebody wants to do that in
> an extension, fine, but I don't think we should commit anything into
> our source tree that works that way.
On Thu, Jun 26, 2014 at 3:50 AM, Abhijit Menon-Sen wrote:
> At 2014-06-25 10:36:07 -0400, sfr...@snowman.net wrote:
>>
>> To me, that's ridiculous on the face of it. Other databases have had
>> this kind of capability as a matter of course for decades- we are far
>> behind in this area.
>
> OK, I
* Simon Riggs (si...@2ndquadrant.com) wrote:
> On 26 June 2014 14:59, Stephen Frost wrote:
> > I think this will paint us into a corner such that we won't be able to
> > add the capabilities which the users who are most concerned about
> > auditing require.
>
> I'm sorry, but this seems exactly t
On 26 June 2014 14:59, Stephen Frost wrote:
> I think this will paint us into a corner such that we won't be able to
> add the capabilities which the users who are most concerned about
> auditing require.
I'm sorry, but this seems exactly the wrong way around to me.
The point here is that we ha
Simon,
* Simon Riggs (si...@2ndquadrant.com) wrote:
> "Which tables are audited" would be available via the reloptions
> field.
RLS could be implemented through reloptions too. Would it be useful to
some people? Likely. Would it satisfy the users who, today, are
actually asking for that featu
Abhijit,
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> Ian looked into the auditing capabilities of various (SQL and otherwise)
> systems some time ago. Informix handles its auditing configuration
> entirely outside the database. DB2 uses a mixture of in-database and
> external configuration
On 14/06/25 23:36, Stephen Frost wrote:
> Other databases have had this kind of capability as a
> matter of course for decades- we are far behind in this area.
On a related note, MySQL/MariaDB have had some sort of auditing
capability for, well, months. By no means as sophisticated as
some of the
On 23 June 2014 21:51, Stephen Frost wrote:
> I also wouldn't want this to become
> an excuse to not improve our current logging infrastructure, which is
> how we got to the place we are wrt partitioning, imv.
Not the case at all.
I wrote the existing partitioning code in 6 weeks in 2005, with
On 25 June 2014 15:40, Stephen Frost wrote:
> * Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
>> At 2014-06-25 00:10:55 -0400, sfr...@snowman.net wrote:
>> > For my part, the nexts steps might be to consider how you'd migrate
>> > what you've provided for configuration into catalog tables
>>
>>
At 2014-06-25 10:36:07 -0400, sfr...@snowman.net wrote:
>
> To me, that's ridiculous on the face of it. Other databases have had
> this kind of capability as a matter of course for decades- we are far
> behind in this area.
OK, I've done a bit more thinking, but I'm not convinced that it's so
cut
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> At 2014-06-25 00:10:55 -0400, sfr...@snowman.net wrote:
> > For my part, the nexts steps might be to consider how you'd migrate
> > what you've provided for configuration into catalog tables
>
> I must confess that I do not understand what needs
Alvaro,
* Alvaro Herrera (alvhe...@2ndquadrant.com) wrote:
> Stephen Frost wrote:
> > * Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> > > We have some time available to work on it, but not so much that I want
> > > to write any more code without a clearer idea of what might be accepted
> > > e
At 2014-06-25 00:10:55 -0400, sfr...@snowman.net wrote:
>
> For my part, the nexts steps might be to consider how you'd migrate
> what you've provided for configuration into catalog tables
I must confess that I do not understand what needs to be migrated into
the catalog tables, or why. Of course,
Stephen Frost wrote:
> Abhijit,
>
> * Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> > At 2014-06-24 14:02:11 -0400, sfr...@snowman.net wrote:
> > >
> > > Will you (collectively) be working in this direction for 9.5?
> >
> > We have some time available to work on it, but not so much that I wan
Abhijit,
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> At 2014-06-24 14:02:11 -0400, sfr...@snowman.net wrote:
> >
> > Will you (collectively) be working in this direction for 9.5?
>
> We have some time available to work on it, but not so much that I want
> to write any more code without a
At 2014-06-24 14:02:11 -0400, sfr...@snowman.net wrote:
>
> Will you (collectively) be working in this direction for 9.5?
We have some time available to work on it, but not so much that I want
to write any more code without a clearer idea of what might be accepted
eventually for inclusion.
-- Abh
Abhijit,
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> At 2014-06-23 16:51:55 -0400, sfr...@snowman.net wrote:
> > Are both the connected user and the current role that the command is
> > running under logged?
>
> Yes, they are. -++
Ok, great, I coul
* Fujii Masao (masao.fu...@gmail.com) wrote:
> I'm not sure if this is good idea because this basically means that master
> and every standbys must have the same audit settings and a user cannot
> set what standby logs in standby side. Of course I guess that the audit
> settings in standby would be
On Mon, Jun 23, 2014 at 9:50 PM, Stephen Frost wrote:
> * Fujii Masao (masao.fu...@gmail.com) wrote:
>> On Mon, Jun 23, 2014 at 7:51 PM, Abhijit Menon-Sen
>> wrote:
>> > At 2014-06-23 19:15:39 +0900, masao.fu...@gmail.com wrote:
>> >> You added this into CF, but its patch has not been posted yet
On Mon, Jun 23, 2014 at 6:51 AM, Abhijit Menon-Sen wrote:
> There are some unresolved questions with #2 because the extensible
> reloptions patch seems to have lost favour, but I'm pretty sure we
> could figure out some alternative.
I didn't particularly like the proposed *implementation* of exte
At 2014-06-23 16:51:55 -0400, sfr...@snowman.net wrote:
>
> We can't control what gets audited through the catalog and have to
> manage that outside of PG, right?
Right. I understand now.
> Are both the connected user and the current role that the command is
> running under logged?
Yes, they are
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> At 2014-06-23 08:50:33 -0400, sfr...@snowman.net wrote:
> > I'm not a huge fan of adding this as a contrib module
>
> I added it to the CF because we're interested in auditing functionality
> for 9.5, and as far as I can tell, there's nothing bet
At 2014-06-23 08:50:33 -0400, sfr...@snowman.net wrote:
>
> I'm not a huge fan of adding this as a contrib module
I added it to the CF because we're interested in auditing functionality
for 9.5, and as far as I can tell, there's nothing better available. At
the moment, the contrib module has the
Tom,
* Tom Lane (t...@sss.pgh.pa.us) wrote:
> Stephen Frost writes:
> > I'd expect a catalog table or perhaps changes to pg_class (maybe other
> > things also..) to define what gets logged.
>
> How exactly will that work for log messages generated in contexts where
> we do not have working catal
Stephen Frost writes:
> I'd expect a catalog table or perhaps changes to pg_class (maybe other
> things also..) to define what gets logged.
How exactly will that work for log messages generated in contexts where
we do not have working catalog access? (postmaster, crash recovery,
or pretty much a
* Fujii Masao (masao.fu...@gmail.com) wrote:
> On Mon, Jun 23, 2014 at 7:51 PM, Abhijit Menon-Sen
> wrote:
> > At 2014-06-23 19:15:39 +0900, masao.fu...@gmail.com wrote:
> >> You added this into CF, but its patch has not been posted yet. Are you
> >> planning to make a patch?
> >
> > It's a self-
On Mon, Jun 23, 2014 at 7:51 PM, Abhijit Menon-Sen wrote:
> (I'm replying as co-author of pgaudit.)
>
> At 2014-06-23 19:15:39 +0900, masao.fu...@gmail.com wrote:
>>
>> You added this into CF, but its patch has not been posted yet. Are you
>> planning to make a patch?
>
> It's a self-contained con
(I'm replying as co-author of pgaudit.)
At 2014-06-23 19:15:39 +0900, masao.fu...@gmail.com wrote:
>
> You added this into CF, but its patch has not been posted yet. Are you
> planning to make a patch?
It's a self-contained contrib module. I thought Ian had posted a
tarball, but it looks like he
On Fri, May 2, 2014 at 3:19 PM, Ian Barwick wrote:
> Hi
>
> Here is an initial version of an auditing extension for Postgres to
> generate log output suitable for compiling a comprehensive audit trail
> of database operations.
You added this into CF, but its patch has not been posted yet. Are you
* Bruce Momjian (br...@momjian.us) wrote:
> On Sun, May 4, 2014 at 11:12:57AM -0400, Tom Lane wrote:
> > Stephen Frost writes:
> > > * Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> > >> 1. I wish it were possible to prevent even the superuser from disabling
> > >> audit logging once it's enab
On Sun, May 4, 2014 at 11:12:57AM -0400, Tom Lane wrote:
> Stephen Frost writes:
> > * Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> >> 1. I wish it were possible to prevent even the superuser from disabling
> >> audit logging once it's enabled, so that if someone gained superuser
> >> access
* Peter Eisentraut (pete...@gmx.net) wrote:
> On 5/2/14, 2:22 PM, Stephen Frost wrote:
> > I'm aware and I really am not convinced that pushing all of this to
> > contrib modules using the hooks is the right approach- for one thing, it
> > certainly doesn't seem to me that we've actually gotten a l
On 5/2/14, 2:22 PM, Stephen Frost wrote:
> I'm aware and I really am not convinced that pushing all of this to
> contrib modules using the hooks is the right approach- for one thing, it
> certainly doesn't seem to me that we've actually gotten a lot of
> traction from people to actually make use of
* Neil Tiffin (ne...@neiltiffin.com) wrote:
> On May 4, 2014, at 5:27 PM, Stephen Frost wrote:
> > * Neil Tiffin (ne...@neiltiffin.com) wrote:
> > Well, except that a superuser *could* effectively turn off checksums by
> > changing the the control file and doing a restart (perhaps modulo some
> >
On May 4, 2014, at 5:27 PM, Stephen Frost wrote:
> * Neil Tiffin (ne...@neiltiffin.com) wrote:
>> On May 4, 2014, at 3:17 PM, Stephen Frost wrote:
>>> Any system where there exists a role similar to 'superuser' in the PG
>>> sense (a user who is equivilant to the Unix UID under which the rest o
* Neil Tiffin (ne...@neiltiffin.com) wrote:
> On May 4, 2014, at 3:17 PM, Stephen Frost wrote:
> > Any system where there exists a role similar to 'superuser' in the PG
> > sense (a user who is equivilant to the Unix UID under which the rest of
> > the system is run) would be hard-pressed to provi
On May 4, 2014, at 3:17 PM, Stephen Frost wrote:
> Neil,
>
> Thanks for sharing- sounds very similar to what I've heard also. Your
> input and experience with this is very much sought and appreciated-
> please continue to help us understand, so we're able to provide
> something concrete and us
Neil,
Thanks for sharing- sounds very similar to what I've heard also. Your
input and experience with this is very much sought and appreciated-
please continue to help us understand, so we're able to provide
something concrete and useful. Further comments inline.
* Neil Tiffin (ne...@neiltiffin
On May 4, 2014, at 10:12 AM, Tom Lane wrote:
> Stephen Frost writes:
>> * Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
>>> 1. I wish it were possible to prevent even the superuser from disabling
>>> audit logging once it's enabled, so that if someone gained superuser
>>> access without author
At 2014-05-04 11:03:56 -0400, sfr...@snowman.net wrote:
>
> Another reloption is one option, or an extension on the ACL system
> (for that piece of it), or we could make a new catalog for it (ala
> pg_seclabel), or perhaps add it on to one (pg_seclabel but rename
> it to pg_security..?).
I'll look
Stephen Frost writes:
> * Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
>> 1. I wish it were possible to prevent even the superuser from disabling
>> audit logging once it's enabled, so that if someone gained superuser
>> access without authorisation, their actions would still be logged.
>> But
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> At 2014-05-04 08:52:42 -0400, sfr...@snowman.net wrote:
> > This also addresses things like anonymous DO blocks and functions
> > then..? With enough information to be useful for forensics?
>
> For DML, it addresses anything that goes through In
At 2014-05-04 08:52:42 -0400, sfr...@snowman.net wrote:
>
> This also addresses things like anonymous DO blocks and functions
> then..? With enough information to be useful for forensics?
For DML, it addresses anything that goes through InitPlan (which, via
ExecCheckRTPerms, calls the ExecutorChe
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> At 2014-05-02 14:22:23 -0400, sfr...@snowman.net wrote:
> > I'm aware and I really am not convinced that pushing all of this to
> > contrib modules using the hooks is the right approach- for one thing,
> > it certainly doesn't seem to me that we'v
Abhijit,
* Abhijit Menon-Sen (a...@2ndquadrant.com) wrote:
> 3. We steered clear of implementing different log targets. We know that
>ereport() doesn't cut it, but decided that doing anything else would
>be better after some feedback and wider discussion. Any suggestions
>in this regar
At 2014-05-02 14:22:23 -0400, sfr...@snowman.net wrote:
>
> I'm aware and I really am not convinced that pushing all of this to
> contrib modules using the hooks is the right approach- for one thing,
> it certainly doesn't seem to me that we've actually gotten a lot of
> traction from people to act
At 2014-05-02 14:04:27 -0400, sfr...@snowman.net wrote:
>
> I'd really like to see us be able to, say, log to a table and have
> more fine-grained control over what is logged, without needing an
> extension.
There were several factors we considered in our work:
1. We did the minimum possible to p
* Josh Berkus (j...@agliodbs.com) wrote:
> Logging hooks. We really need some contrib/ modules which take
> advantage of these.
I'm aware and I really am not convinced that pushing all of this to
contrib modules using the hooks is the right approach- for one thing, it
certainly doesn't seem to me
On 05/02/2014 11:04 AM, Stephen Frost wrote:
> This is something I've been mulling over for a couple of years (you can
> see notes from the discussion at the 2011 hacker meeting on the wiki
> about how we might change our logging system to allow for better
> filtering).
Logging hooks. We really n
Ian,
* Ian Barwick (i...@2ndquadrant.com) wrote:
> Here is an initial version of an auditing extension for Postgres to
> generate log output suitable for compiling a comprehensive audit trail
> of database operations.
Neat stuff.
> Why auditing?
Yeah, we really need to improve here. I've been
On 05/01/2014 11:19 PM, Ian Barwick wrote:
>
> Here is an initial version of an auditing extension for Postgres to
> generate log output suitable for compiling a comprehensive audit trail
> of database operations.
Cool! Looking forward to seeing it around the 9.5 cycle.
--
Josh Berkus
PostgreS
101 - 194 of 194 matches
Mail list logo
