| From: | John R Pierce <pierce(at)hogranch(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: pg_audit to mask literal sql |
| Date: | 2017-10-30 21:35:57 |
| Message-ID: | 7fbd72e8-a50d-d637-1959-c4541ad3a291@hogranch.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 10/30/2017 10:55 AM, rakeshkumar464 wrote:
> Is there a way in pgaudit to mask literal sqls like the below:
>
> insert into table (col1,col2) values(1,2)
> select * from table where col1 = 1
>
> These sqls are typed by our QA folks using pgadmin. pgaudit records this
> verbatim which runs afoul of our HIPAA requirement. Prepared statements are
> not an issue since pgaudit provides a way to suppress values.
if you have a HIPAA requirement that says 'dont run manual sql
statements', then, well, DONT.
why are QA folks making changes on production databases, anyways?
thats not within their domain. QA should be working on development or
staging databases.
--
john r pierce, recycling bits in santa cruz
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rob Sargent | 2017-10-30 21:46:24 | Re: pg_audit to mask literal sql |
| Previous Message | David G. Johnston | 2017-10-30 21:10:12 | Re: Roles inherited from a role which is the owner of a database can drop it? |