Re: pg_audit to mask literal sql

From: Rob Sargent <robjsargent(at)gmail(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: pg_audit to mask literal sql
Date: 2017-10-30 21:46:24
Message-ID: 332085cf-dad5-09db-0b4c-69596387037f@gmail.com
Lists: pgsql-general

On 10/30/2017 03:35 PM, John R Pierce wrote:
> On 10/30/2017 10:55 AM, rakeshkumar464 wrote:
>> Is there a way in pgaudit to mask literal sqls like the below:
>>
>> insert into table (col1,col2) values(1,2)
>> select * from table where col1 = 1
>>
>> These sqls are typed by our QA folks using pgadmin. pgaudit records this
>> verbatim which runs afoul of our HIPAA requirement. Prepared statements
>> are not an issue since pgaudit provides a way to suppress values.
>
> If you have a HIPAA requirement that says 'don't run manual sql
> statements', then, well, DON'T.
>
> Why are QA folks making changes on production databases, anyways?
> That's not within their domain. QA should be working on development
> or staging databases.
>
>
>
I suspect the QA types are testing against production and using/seeing
real names, etc. with queries which create /transitory/ tables. I wonder
if the QA folks have been HIPAA certified? Probably better to get them
redacted data for testing.
