You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm added audit to read table: grant select on audited_file to auditor;
but I see in a log 'update' statement.
I reproduced the situation this way:
PREPARE fh(varchar(255),int) as UPDATE audited_file set file_hash=$1 where id=$2;
EXECUTE fh('test', 1)
In the log appeared:
LOG: AUDIT: OBJECT,30,1,WRITE,UPDATE,TABLE,public.audited_file,"PREPARE fh(varchar(255),int) as UPDATE audited_file set file_hash=$1 where id=$2","test,1"
p.s. For prepred insert and prepared delete works normally
The text was updated successfully, but these errors were encountered:
So, to be clear, this audit record is showing up even though it should not be based on the permissions given to auditor, i.e. there are too many audit records rather than too few.
Any delete/update contains an implied select on the table, and that's what pgaudit is picking up on. It also happens for deletes if there is a where clause.
It might be possible to filter this out, but I'm not sure what unintended consequences that would have, or even if it would be correct. Any thoughts @sfrost?
I'm added audit to read table:
grant select on audited_file to auditor;
but I see in a log 'update' statement.
I reproduced the situation this way:
PREPARE fh(varchar(255),int) as UPDATE audited_file set file_hash=$1 where id=$2;
EXECUTE fh('test', 1)
In the log appeared:
p.s. For prepred insert and prepared delete works normally
The text was updated successfully, but these errors were encountered: