| From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
|---|---|
| To: | Ron Johnson <ronljohnsonjr(at)gmail(dot)com>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Exclude certain application pgaudit logging? |
| Date: | 2024-02-06 18:18:12 |
| Message-ID: | 2beb61a5-903a-4caf-ac97-d4c2ef9b62f7@aklaver.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 2/6/24 10:11 AM, Ron Johnson wrote:
> Currently, we use Object audit logging to capture all READ access to
> columns FOO_1, FOO_2 and FOO_3 in table BAR.SCRABBLE. (They are the
> three columns have PII data.)
Using what audit software?
>
> The problem is that the application legitimately reads these columns
> thousands of times per day. Thus, the log fills up with meaningless
> data that swamps any legitimate invalid accesses.
How do you know they are legitimate requests?
>
> Thus, I'd like to exclude reads from "Postgresql JDBC Driver".
> (Currently, I filter that out using "grep -v" in a shell script
> that runs hourly from cron, but I find that unsatisfactory.)
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christophe Pettus | 2024-02-06 18:21:27 | Re: Exclude certain application pgaudit logging? |
| Previous Message | Marcelo Marques | 2024-02-06 18:12:23 | Re: Yum Update nothing provides libarmadillo.so.12()(64bit) needed by gdal36-libs-3.6.4-6PGDG.rhel9.x86_64 from pgdg-common |