OPERATOR (pg_catalog. =)

[GreenBeanKILLER]

Hello, how are you?
Could you explain how to avoid the next line in the audit log?
Every time I make an insert I generate many lines for the fk

OPERATOR (pg_catalog. =) $ 1 FOR KEY SHARE OF x

[dwsteele]

Are you auditing the postgres user? If so this is not recommended some filters won't work properly in this case.

[GreenBeanKILLER]

We are auditing our personal users who have the following roles SUPERUSER INHERIT CREATEDB CREATEROLE REPLICATION;
and they ask us to audit in this way!
ALTER ROLE xxx
SET pgaudit.log = 'all, -misc';
What do you recommmend me to do?
Thanks for your time

[dwsteele]

We recommend that you don't have all your users be superuser. Beyond that there's not much pgaudit can do.

[GreenBeanKILLER]

It is that we are the dbas, but the client is wanting to audit all the users !!!
For that, they ask us to audit the nominated users

[dwsteele]

That is certainly your choice, but we have no way to reliably filter foreign key queries for the superuser. There are some logging tools (ELK, Splunk) etc. that can help with this if you want to create your own rules.

[GreenBeanKILLER]

Perfect, we will communicate to those in charge of the subject that there is no possible solution, thank you very much !!!!

[dwsteele]

You should consider using the set_user extension instead of making all the DBAs superuser. DML run via set_user will still create the extra entries but it might reduce your logging overall.

You can also use grants to allow these users to run DML on tables that they frequently have a reason to modify instead of granting superuser.

[GreenBeanKILLER]

thanks a lot David!