I have a PG 9.6 DB and I need to add some auditing and after googling, I have found pgaudit. Before trying to install and playing a bit with it, I'd like to make sure it complies with all my requirements.
The first concern I have regards data integrity: from my understanding, the extension stores the information in a simple log file without any data integrity check, so If I open the log and I manually delete something nobody will never notice it. Am I correct?
Does PG come with any log integrity mechanism?
Thanks
1 Answer 1
For your concern, i would suggest, you make the generated log files read only so that nobody other than the owner can change its contents. Anyway if contents of any file is changed, you can check its last modification time by using command stat filename.
Till now postgresql doesn't have any reliable auditing tools, and by looking at the pgaudit link, it just gives you some extra information from what is present in database logs, and will create a logfile possibly bigger than the database log. It could result in space constraints on your server.