Participants
Marco Serantoni
Marco Serantoni
Merlin Moncure
Merlin Moncure
Attachments

No attachments in this thread

Thread Outline
#1Marco SerantoniMarco Serantoni
Oct 10, 2006
#2Merlin MoncureMerlin Moncureto Marco Serantoni (#1)
Oct 12, 2006
#3Marco SerantoniMarco Serantonito Merlin Moncure (#2)
Oct 12, 2006
#4Merlin MoncureMerlin Moncureto Marco Serantoni (#3)
Oct 12, 2006

Database Auditing

Started by Marco Serantoniover 19 years ago4 messages
#1Marco Serantoni
Marco Serantoni
m.serantoni@caltanet.it

I'm evaluating of use postgresql but for local law requirements is
needed for the access of some kind of data (sensitive) a log of the
accesses (Auditing) is a feature available in many databases but i've
seen that lacks in PostgreSQL, there are already plans to implement it
or patches already submitted ?
If not both could someone give me some hints on how do it and where
"attach" the code like open the file in postmaster.c intercept the query
in that function etc.

Thank you in advance :)

#2Merlin Moncure
Merlin Moncure
mmoncure@gmail.com
In reply to: Marco Serantoni (#1)
Re: Database Auditing

On 10/11/06, Marco Serantoni <m.serantoni@caltanet.it> wrote:

I'm evaluating of use postgresql but for local law requirements is
needed for the access of some kind of data (sensitive) a log of the
accesses (Auditing) is a feature available in many databases but i've
seen that lacks in PostgreSQL, there are already plans to implement it
or patches already submitted ?
If not both could someone give me some hints on how do it and where
"attach" the code like open the file in postmaster.c intercept the query
in that function etc.

Thank you in advance :)

we can probably come up with something. can you please give specific
requirements about what type of information you have to keep track of?

merlin

#3Marco Serantoni
Marco Serantoni
m.serantoni@caltanet.it
In reply to: Merlin Moncure (#2)
Re: Database Auditing

I'm evaluating of use postgresql but for local law requirements is
needed for the access of some kind of data (sensitive) a log of the
accesses (Auditing) is a feature available in many databases but i've
seen that lacks in PostgreSQL, there are already plans to implement it
or patches already submitted ?
If not both could someone give me some hints on how do it

we can probably come up with something. can you please give specific
requirements about what type of information you have to keep track of?

username, date and statement executed and optionally the IP.

#4Merlin Moncure
Merlin Moncure
mmoncure@gmail.com
In reply to: Marco Serantoni (#3)
Re: [HACKERS] Database Auditing

On 10/12/06, Marco Serantoni <m.serantoni@caltanet.it> wrote:

I'm evaluating of use postgresql but for local law requirements is
needed for the access of some kind of data (sensitive) a log of the
accesses (Auditing) is a feature available in many databases but i've
seen that lacks in PostgreSQL, there are already plans to implement it
or patches already submitted ?
If not both could someone give me some hints on how do it

we can probably come up with something. can you please give specific
requirements about what type of information you have to keep track of?

username, date and statement executed and optionally the IP.

[moving this discussion to -general] please direct responses to that list only]

have you looked at postgreql.conf? you can log all of those things
and much more into the postgresql log. There is also built in
rotation and retention policies.

most especially,
log_statement = 'all'

now for fancy stuff, like logging of application data or other things
like that, you can do many things with triggers. It is possible to
write triggers that are pretty generic which can do that type of
thing.

merlin

← Back to Topics