| From: | Jeremy Schneider <schneider(at)ardentperf(dot)com> |
|---|---|
| To: | Sumanth Vishwaraj <sumanth(dot)vishwaraj(at)oracle(dot)com> |
| Cc: | "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: New feature request for adding session information to PostgreSQL transaction log |
| Date: | 2025-01-21 01:25:54 |
| Message-ID: | 20250120172554.2aec90e2@ardentperf.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, 15 Jan 2025 08:54:06 +0000
Sumanth Vishwaraj <sumanth(dot)vishwaraj(at)oracle(dot)com> wrote:
> Oracle Audit Vault and Database Firewall (AVDF) audits/monitors
> database activities. This product helps enterprises to manage the
> security posture of Oracle , PostgreSQL and other databases.
>
> Oracle AVDF helps customers in India comply with the Ministry of
> Corporate Affairs (MCA) Guidelines
> (https://www.mca.gov.in/Ministry/pdf/AuditAuditorsAmendmentRules_24032021.pdf)
> As per the MCA guidelines it is mandatory to capture details of what
> data was changed, when it was changed and who made the change.
>
> PostgreSQL generates and stores (change data capture) information in
> transaction log, which is in turn read by Oracle GoldenGate and
> stored in XML files. These XML files are processed by AVDF and stored
> in AVDF database.
Hi Sumanth -
I think your question would be better suited to the general (users)
list, since it's more of a "user" question. This "hackers" email list
is used by developers working on Postgres internals.
I think you might misunderstand Oracle's auditing features. IIUC,
neither the traditional SYS.AUD$ table nor the new unified audit trail
in Oracle are populated from redo, but both are populated by directly
intercepting events.
A common solution following a similar model in the Postgres space is
pgaudit. I would suggest to start out by reading the pgaudit
documentation here:
https://github.com/pgaudit/pgaudit/blob/main/README.md
Pgaudit is an "extension" that's installed separately and added on to
Postgres, with its own distinct group of maintainers. I'm not sure if it
has a dedicated forum for questions and discussion, but I'm sure you
could ask questions on the community Postgres slack, IRC, telegram, and
other popular online Postgres community forums.
I don't know if it would be considered out of place to ask questions
about pgaudit on the pgsql-general list (because it's an extension and
doesn't come from postgresql.org) but I am sure there are a lot of
pgaudit users here, so questions might be ok over on the general (users)
mailing list.
There are a lot of people (including my company) using Postgres in
regulated industries around the world and it has robust capabilites to
meet regulations. Oracle is a great database too. Good luck with your
project!
-Jeremy
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2025-01-21 01:41:25 | Re: [PATCH] Add roman support for to_number function |
| Previous Message | Dagfinn Ilmari Mannsåker | 2025-01-21 01:22:53 | Re: pg_createsubscriber TAP test wrapping makes command options hard to read. |