-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OPERATOR (pg_catalog. =) #58
Comments
Are you auditing the postgres user? If so this is not recommended some filters won't work properly in this case. |
We are auditing our personal users who have the following roles SUPERUSER INHERIT CREATEDB CREATEROLE REPLICATION; |
We recommend that you don't have all your users be superuser. Beyond that there's not much pgaudit can do. |
It is that we are the dbas, but the client is wanting to audit all the users !!! |
That is certainly your choice, but we have no way to reliably filter foreign key queries for the superuser. There are some logging tools (ELK, Splunk) etc. that can help with this if you want to create your own rules. |
Perfect, we will communicate to those in charge of the subject that there is no possible solution, thank you very much !!!! |
You should consider using the set_user extension instead of making all the DBAs superuser. DML run via set_user will still create the extra entries but it might reduce your logging overall. You can also use grants to allow these users to run DML on tables that they frequently have a reason to modify instead of granting superuser. |
thanks a lot David! |
Hello, how are you?
Could you explain how to avoid the next line in the audit log?
Every time I make an insert I generate many lines for the fk
OPERATOR (pg_catalog. =) $ 1 FOR KEY SHARE OF x
The text was updated successfully, but these errors were encountered: