On Mon, Jun 23, 2014 at 11:15 AM, Stephen Frost <sfr...@snowman.net> wrote: > * Robert Haas (robertmh...@gmail.com) wrote: >> Similarly, >> building a logging facility that meets the needs of real users is >> going to require a configuration method more flexible than a total >> order with four choices. I happen to think a list of comma-separated >> tokens is a pretty good choice, but something else could be OK, too. >> We need something better than what we've got now, though. > > Absolutely, and not all of that should be done through postgresql.conf, > imv. The level of flexibility that is being asked for, from what I've > seen and heard, really needs to be met with new catalog tables or > extending existing ones. The nearby thread on pg_audit would be a good > example. > > I certainly don't want to be specifying specific table names or > providing a list of roles through any GUC (or configuration file of any > kind). I'm not adverse to improving log_statement to a list with tokens > that indicate various meaning levels but anything done through that > mechanism will be very coarse.
True, but it would be enough to let you make a list of commands you'd like to audit, and I think that might be valuable enough to justify the price of admission. I certainly agree that logging based on which object is being accessed needs a different design, tied into the catalogs. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers