| From: | Dave Hughes <dhughes20(at)gmail(dot)com> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Rajni Baliyan <saan654(at)gmail(dot)com>, pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Help with configuring pgAudit |
| Date: | 2019-11-20 22:54:24 |
| Message-ID: | CAFTBbFCC995b_PBAHkMgwTCUe5X+4LdaB1u+M7NxD1zeHgZ4NQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Thanks for the tips Joe! After fighting with this all day, I realized
while I was testing this, I was logging into the database as the "postgres"
user. For some reason those actions were not being logged. But once I
logged in as another superuser account I have, I saw all my ddl statements
being audited in the log file. So it was working after all, but just not
for the "postgres" user. Do you happen to know if that behavior is how
pgaudit is supposed to work? You'd think even the "postgres" user activity
would be logged as well?
Thanks again.
On Wed, Nov 20, 2019 at 9:46 AM Joe Conway <mail(at)joeconway(dot)com> wrote:
> On 11/20/19 8:09 AM, Dave Hughes wrote:
> > Hey,
> > Thanks for reaching out. It looks like I have that parameter set as
> > well. Here is a list of settings I have turned on in postgresql.conf
> > since I installed pgAudit:
> >
> > shared_preload_libraries = 'pgaudit'
> > log_destination = 'csvlog'
> > logging_collector = on
> > log_directory = '/work/PostgreSQL/10/data'
> > log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log'
> > log_connections = on
> > log_disconnections = on
> > log_line_prefix = '<%m:%r:%u(at)%d:[%p]:>'
> > pgaudit.log = 'ddl'
> >
> > Is there some other setting I may be missing?
>
> I don't see anything wrong that jumps out except perhaps the OS postgres
> user does not have sufficient permissions to write to
> '/work/PostgreSQL/10/data'.
>
> Beyond that, please see the supplemental PDF here for an example setup
> instruction (section 2.2/appendix B, and possibly section 2.3 as well):
>
>
>
> https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_PostgreSQL_9-x_V1R6_STIG.zip
>
> Also read through the pgaudit README if you have not already done so:
>
> https://github.com/pgaudit/pgaudit
>
> Finally (again if not already done), see the docs section on logging:
>
> https://www.postgresql.org/docs/12/runtime-config-logging.html
>
> HTH,
>
> Joe
>
> --
> Crunchy Data - http://crunchydata.com
> PostgreSQL Support for Secure Enterprises
> Consulting, Training, & Open Source Development
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | James (王旭) | 2019-11-21 02:27:29 | Re: How should I specify work_mem/max_worker_processes if I want to do big queries now and then? |
| Previous Message | Peter J. Holzer | 2019-11-20 22:48:23 | Re: REINDEX VERBOSE unknown option |