* Simon Riggs (si...@2ndquadrant.com) wrote: > On 14 October 2014 13:57, Stephen Frost <sfr...@snowman.net> wrote: > > > Create an 'audit' role. > > > > Every command run by roles which are granted to the 'audit' role are > > audited. > > > > Every 'select' against tables which the 'audit' role has 'select' rights > > on are audited. Similairly for every insert, update, delete. > > I think that's a good idea. > > We could have pg_audit.roles = 'audit1, audit2' > so users can specify any audit roles they wish, which might even be > existing user names.
Agreed.
> That is nice because it allows multiple completely independent
> auditors to investigate whatever they choose without discussing with
> other auditors.
Yes, also a good thought.
Thanks!
Stephen
signature.asc
Description: Digital signature
