F.31. pgAudit Log to File#
F.31. pgAudit Log to File
F.31.2. Description
pgAudit Log to File
is an
addon to pgAudit than will redirect audit log
lines to an independent file, instead of using the PostgreSQL server logger.
This will allow us to have an audit file that we can easily rotate without polluting server logs with those messages.
Audit logs in heavily used systems can grow very fast. This extension allows to automatically rotate the files based in a number of minutes.
F.31.3. Installation
Add
pgauditlogtofile
to "shared_preload_libraries" inpostgresql.conf
Restart PostgreSQL to reload new shared library
Create extension in postgres database (like pgaudit we don't need to create it in all the databases)
postgres=# CREATE EXTENSION pgauditlogtofile;
F.31.4. Configuration
F.31.4.1. pgaudit.log_directory
Name of the directory where the audit file will be created.
- Scope
System
- Default
'log'
Empty or NULL will disable the extension and the audit logging will be done to the PostgreSQL server logger.
F.31.4.2. pgaudit.log_filename
Name of the file where the audit will be written. Writing to an existing file will append the new entries. This variable can contain time patterns up to minute to allow automatic rotation.
- Scope
System
- Default
'audit-%Y%m%d_%H%M.log'
Empty or NULL will disable the extension and the audit logging will be done to PostgreSQL server logger.
F.31.4.3. pgaudit.log_rotation_age
Number of minutes after which the audit file will be rotated.
- Scope
System
- Default
1440 minutes (1 day)
0 will disable the rotation.
F.31.4.4. pgaudit.log_connections
Intercepts server log messages emited when log_connections is on.
- Scope
System
- Default
off
- Requires
log_connections = on
F.31.4.5. pgaudit.log_disconnections
Intercepts server log messages emited when log_disconnections is on.
- Scope
System
- Default
off
- Requires
log_disconnections = on
F.31.4.6. Test
cd test vagrant plugin install vagrant-vbguest vagrant up