| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | anand086 <anand086(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Audit based on role |
| Date: | 2017-08-08 00:05:28 |
| Message-ID: | d01c0c62-ba17-7741-62bf-a2fa3ac75dfb@joeconway.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 08/07/2017 04:47 PM, anand086 wrote:
> Only Insert/Update/Delete sqls are to be audited.
You could get close to what you want, I think, by setting log_statement
= mod for the users of interest, e.g. by doing:
ALTER USER whomever SET log_statement = mod;
See:
https://www.postgresql.org/docs/9.6/static/runtime-config-logging.html#GUC-LOG-STATEMENT
Note: "mod logs all ddl statements, plus data-modifying statements such
as INSERT, UPDATE, DELETE, TRUNCATE, and COPY FROM."
Caveat: You would have to do this per user in that group. However you
could write a query against the system catalogs though to loop through
the members of the group and execute this statement against each one.
Maybe rerun it periodically.
HTH,
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Venkat Ramkrishna | 2017-08-08 00:16:03 | [General] - Ora2PG estimation accuracy |
| Previous Message | anand086 | 2017-08-07 23:47:46 | Re: Audit based on role |