Re: [HACKERS] Database Auditing
I'm evaluating of use postgresql but for local law requirements is needed for the access of some kind of data (sensitive) a log of the accesses (Auditing) is a feature available in many databases but i've seen that lacks in PostgreSQL, there are already plans to implement it or patches already submitted ? If not both could someone give me some hints on how do it we can probably come up with something. can you please give specific requirements about what type of information you have to keep track of? username, date and statement executed and optionally the IP. ---(end of broadcast)--- TIP 4: Have you searched our list archives? http://archives.postgresql.org
Re: [HACKERS] Database Auditing
On 10/12/06, Marco Serantoni <[EMAIL PROTECTED]> wrote: >> I'm evaluating of use postgresql but for local law requirements is >> needed for the access of some kind of data (sensitive) a log of the >> accesses (Auditing) is a feature available in many databases but i've >> seen that lacks in PostgreSQL, there are already plans to implement it >> or patches already submitted ? >> If not both could someone give me some hints on how do it > we can probably come up with something. can you please give specific > requirements about what type of information you have to keep track of? username, date and statement executed and optionally the IP. [moving this discussion to -general] please direct responses to that list only] have you looked at postgreql.conf? you can log all of those things and much more into the postgresql log. There is also built in rotation and retention policies. most especially, log_statement = 'all' now for fancy stuff, like logging of application data or other things like that, you can do many things with triggers. It is possible to write triggers that are pretty generic which can do that type of thing. merlin ---(end of broadcast)--- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [HACKERS] Database Auditing
On 10/11/06, Marco Serantoni <[EMAIL PROTECTED]> wrote: I'm evaluating of use postgresql but for local law requirements is needed for the access of some kind of data (sensitive) a log of the accesses (Auditing) is a feature available in many databases but i've seen that lacks in PostgreSQL, there are already plans to implement it or patches already submitted ? If not both could someone give me some hints on how do it and where "attach" the code like open the file in postmaster.c intercept the query in that function etc. Thank you in advance :) we can probably come up with something. can you please give specific requirements about what type of information you have to keep track of? merlin ---(end of broadcast)--- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
[HACKERS] Database Auditing
I'm evaluating of use postgresql but for local law requirements is needed for the access of some kind of data (sensitive) a log of the accesses (Auditing) is a feature available in many databases but i've seen that lacks in PostgreSQL, there are already plans to implement it or patches already submitted ? If not both could someone give me some hints on how do it and where "attach" the code like open the file in postmaster.c intercept the query in that function etc. Thank you in advance :) ---(end of broadcast)--- TIP 2: Don't 'kill -9' the postmaster
