pgaudit_analyze
pgaudit_analyze copied to clipboard
pgaudit
PostgreSQL Audit Analyzer
Hi, We want to use pgaudit_analyze on standby database audit records, in current situation it is not possible to pass host parameter to pgaudit_analyze to connect a remote database. So...
should add use waring in CSV.pm regex match in perl has limits, before 5.30 the limit is aboult 32k, after 5.30 is about 64k if a single csv line large...
allows saving log info not connected to a valid datadase ie failed login with bad DB name consolidate all logging for a cluster
When run as a systemd process without the --daemon flag the `print` statements that implicitly use STDOUT do not make it into the logfile
example csv: ``` 2020-10-06 17:41:28.952 EDT,"foo","foo",32580,"192.168.118.117:50773",5f7ce488.7f44,2,"authentication",2020-10-06 17:41:28 EDT,15/16636,0,LOG,00000,"connection authorized: user=foo database=foo SSL enabled (protocol=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, compression=off)",,,,,,,,,"" 2020-10-06 17:41:28.952 EDT,"foo","foo",32580,"192.168.118.117:50773",5f7ce488.7f44,3,"startup",2020-10-06 17:41:28 EDT,15/16636,0,FATAL,3D000,"database ""foo"" does not exist",,,,,,,,,"" ```
The issue is when using PAM auth a log msg of level LOG created before the FATAL msg Pass in the msg and check it to catch this case. Example...
Hi, I'm looking for an answer to the question I've included below. Can I run multiple processes so that pgaudit_analyze can read various log files from the same database? Somehow...
Needed to prevent possible session_id collision Backwards compatible with old schema, will append an id or name to session_id Modify audit.sql so it can be run for initial install or...
I'm having trouble setting up pgaudit_analyze. Thus far, I have taken the following steps: 1. Installed pgaudit. 2. Installed pgaudit_analyze under postgres home sirectory. 3. psql -c "CREATE DATABASE testdb"...
Hi, I user PostgreSQL 16.5, pgaudit 16.0 and pgaudit_analyze 1.0.9. I set up pgaudit_analyze like this: psql -U postgres -f pgaudit_analyze/sql/audit.sql testdb pgaudit_analyze/bin/pgaudit_analyze --daemon --user postgres /var/lib/pgsql/16/data/log Audit logs written...
