Re: pgaudit and create postgis extension logs a lot inserts

From: David Steele <david(at)pgmasters(dot)net>
To: Svensson Peter <peter(dot)svensson(at)smhi(dot)se>, "pgsql-performance(at)postgresql(dot)org" <pgsql-performance(at)postgresql(dot)org>
Subject: Re: pgaudit and create postgis extension logs a lot inserts
Date: 2018-01-19 13:51:20
Message-ID: 551c26e7-c683-68b3-bd66-6285e859b7ae@pgmasters.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-performance

Hi Peter,

On 1/18/18 7:12 AM, Svensson Peter wrote:
>
> Also noticed that setting a session log to none (set
> pgaudit.log='none';)  overrides parameter from postgresql.conf,  but
> does not get logged, and then you can do whatever you want without any
> audit.
> I supposed this changing of  audit session log parameter should be
> logged to file?

pgaudit is not intended to audit the superuser and only a superuser can
set pgaudit.log.

However, you can limit superuser access with the setuser extension:
https://github.com/pgaudit/set_user

Regards,
--
-David
david(at)pgmasters(dot)net

In response to

Browse pgsql-performance by date

  From Date Subject
Next Message Thomas Kellerer 2018-01-19 16:48:29 Performance impact of lowering max_files_per_process
Previous Message David Steele 2018-01-19 13:41:42 Re: pgaudit and create postgis extension logs a lot inserts