ggaudit 감사postgresql
11927 단어 #postgresqlextension
ggaudit는postgresql의 extension 형식으로 존재하며 표준postgresql 로그 도구를 통해 자세한 세션과/또는 대상 감사 로그 기록을 제공합니다.ggaudit의 목표는postgresql에 감사 로그를 생성하는 것입니다.
릴리즈 # lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
$ psql
psql (9.6.8)
Type "help" for help.
postgres=# select version();
version
----------------------------------------------------------------------------------------------------------------------------------------------
PostgreSQL 9.6.8 on x86_64-pc-linux-gnu (Ubuntu 9.6.8-1.pgdg16.04+1), compiled by gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609, 64-bit
(1 row)
postgres=#
설치 다운로드
pgAudit versions relate to PostgreSQL major versions as follows:
pgAudit v1.3.X is intended to support PostgreSQL 11. pgAudit v1.2.X is intended to support PostgreSQL 10. pgAudit v1.1.X is intended to support PostgreSQL 9.6. pgAudit v1.0.X is intended to support PostgreSQL 9.5. # su - postgres
$ wget https://github.com/pgaudit/pgaudit/archive/1.1.1.zip
$ unzip 1.1.1.zip
$ ls -l
total 172
-rw-rw-r-- 1 postgres postgres 35875 Dec 19 14:28 1.1.1.zip
drwxr-xr-x 3 postgres postgres 4096 Nov 7 09:02 9.6
drwxrwxr-x 5 postgres postgres 4096 Jun 27 2017 pgaudit-1.1.1
$ cd pgaudit-1.1.1
$ make USE_PGXS=1
gcc -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -pie -fno-omit-frame-pointer -fPIC -I. -I./ -I/usr/include/postgresql/9.6/server -I/usr/include/postgresql/internal -Wdate-time -D_FORTIFY_SOURCE=2 -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/include/mit-krb5 -c -o pgaudit.o pgaudit.c
In file included from /usr/include/postgresql/9.6/server/libpq/auth.h:17:0,
from pgaudit.c:26:
/usr/include/postgresql/9.6/server/libpq/libpq-be.h:36:27: fatal error: gssapi/gssapi.h: No such file or directory
compilation terminated.
: recipe for target 'pgaudit.o' failed
make: *** [pgaudit.o] Error 1
메이크 타임즈 오류를 냈는데 가방이 부족해서 그런 거예요.$ sudo apt install libkrb5-dev
postgresql은 apt install로 설치되어 있기 때문에 루트 권한을 사용하려면make install$ make USE_PGXS=1
$ sudo make install USE_PGXS=1
설치 후 파일 목록 보기$ ls -l /usr/lib/postgresql/9.6/lib |grep -i audit
-rwxr-xr-x 1 root root 103024 Dec 19 14:49 pgaudit.so
$ ls -l /usr/share/postgresql/9.6/extension |grep -i audit
-rw-r--r-- 1 root root 248 Dec 19 14:49 pgaudit--1.0--1.1.1.sql
-rw-r--r-- 1 root root 615 Dec 19 14:49 pgaudit--1.1.1.sql
-rw-r--r-- 1 root root 145 Dec 19 14:49 pgaudit.control
이제 설치가 완료되었습니다.
pgaudit 만들기 $ vi /etc/postgresql/9.6/main/postgresql.conf
shared_preload_libraries = 'pgaudit,pg_stat_statements'
$ sudo /etc/init.d/postgresql restart
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# select * from pg_available_extensions where name like '%audit%';
name | default_version | installed_version | comment
---------+-----------------+-------------------+---------------------------------
pgaudit | 1.1.1 | | provides auditing functionality
(1 row)
postgres=#
postgres=# create extension pgaudit;
이로써
pgaudit의 매개 변수 postgres=# select name,setting from pg_settings where name like 'pgaudit%';
name | setting
----------------------------+---------
pgaudit.log | none
pgaudit.log_catalog | on
pgaudit.log_client | off
pgaudit.log_level | log
pgaudit.log_parameter | off
pgaudit.log_relation | off
pgaudit.log_statement_once | off
pgaudit.role |
(8 rows)
$ vi /etc/postgresql/9.6/main/postgresql.conf
pgaudit.log = 'all, -misc'
pgaudit.log_catalog = on
pgaudit.log_client = on
pgaudit.log_level = log
pgaudit.log_parameter = on
pgaudit.log_relation = on
pgaudit.log_statement_once = on
이 몇 개의 매개 변수가 대표하는 의미를 자세히 보아라.
생성된 로그 보기
set create table insert into select
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# set pgaudit.log = 'all, -misc';
postgres=# create table account
(
id int,
name text,
password text,
description text
);
postgres=# insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');
postgres=# select * from account;
해당 로그2018-12-19 15:20:29.386 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,6,"idle",2018-12-19 15:17:27 CST,2/36,0,LOG,00000,"statement: set pgaudit.log = 'all, -misc';",,,,,,,,,"psql"
2018-12-19 15:20:41.707 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,7,"idle",2018-12-19 15:17:27 CST,2/37,0,LOG,00000,"statement: create table account
(
id int,
name text,
password text,
description text
);",,,,,,,,,"psql"
2018-12-19 15:20:41.748 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,8,"CREATE TABLE",2018-12-19 15:17:27 CST,2/37,454353307,LOG,00000,"AUDIT: SESSION,2,1,DDL,CREATE TABLE,TABLE,public.account,""create table account
(
id int,
name text,
password text,
description text
);"",",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,9,"idle",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"statement: insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,10,"INSERT",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"AUDIT: SESSION,3,1,WRITE,INSERT,TABLE,public.account,""insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');"",",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,11,"idle",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"statement: select * from account;",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,12,"SELECT",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"AUDIT: SESSION,4,1,READ,SELECT,TABLE,public.account,select * from account;,",,,,,,,,,"psql"
AUDIT 단어 찾기
update create index delete truncate drop table
postgres=# update account set name='user2' where id=1;
postgres=# create index idx_account_x1 on account(id);
postgres=# delete from account where id=1;
postgres=# truncate table account;
postgres=# drop table account;
2018-12-19 15:27:01.672 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,2,"authentication",2018-12-19 15:27:01 CST,3/111,0,LOG,00000,"connection authorized: user=postgres database=postgres",,,,,,,,,""
2018-12-19 15:27:01.673 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,3,"idle",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"statement: select pg_is_in_recovery(); ",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,4,"SELECT",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"AUDIT: SESSION,1,1,READ,SELECT,,,select pg_is_in_recovery(); ,",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,5,"idle",2018-12-19 15:27:01 CST,,0,LOG,00000,"disconnection: session time: 0:00:00.003 user=postgres database=postgres host=[local]",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,13,"idle",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"statement: update account set name='user2' where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,14,"UPDATE",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"AUDIT: SESSION,5,1,WRITE,UPDATE,TABLE,public.account,update account set name='user2' where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:13.902 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,15,"idle",2018-12-19 15:17:27 CST,2/41,0,LOG,00000,"statement: create index idx_account_x1 on account(id);",,,,,,,,,"psql"
2018-12-19 15:27:13.908 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,16,"CREATE INDEX",2018-12-19 15:17:27 CST,2/41,454353310,LOG,00000,"AUDIT: SESSION,6,1,DDL,CREATE INDEX,INDEX,public.idx_account_x1,create index idx_account_x1 on account(id);,",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,17,"idle",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"statement: delete from account where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,18,"DELETE",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"AUDIT: SESSION,7,1,WRITE,DELETE,TABLE,public.account,delete from account where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:24.831 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,19,"idle",2018-12-19 15:17:27 CST,2/43,0,LOG,00000,"statement: truncate table account;",,,,,,,,,"psql"
2018-12-19 15:27:24.851 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,20,"TRUNCATE TABLE",2018-12-19 15:17:27 CST,2/43,454353312,LOG,00000,"AUDIT: SESSION,8,1,WRITE,TRUNCATE TABLE,,,truncate table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.207 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,21,"idle",2018-12-19 15:17:27 CST,2/44,0,LOG,00000,"statement: drop table account;",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,22,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,TABLE,public.account,drop table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,23,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,INDEX,public.idx_account_x1,,",,,,,,,,,"psql"
참조:https://www.pgaudit.org/
https://github.com/pgaudit/pgaudit https://github.com/pgaudit/pgaudit/blob/master/README.md
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
Rails Turbolinks를 페이지 단위로 비활성화하는 방법
원래 Turobolinks란?
Turbolinks는 링크를 생성하는 요소인 a 요소의 클릭을 후크로 하고,
이동한 페이지를 Ajax에서 가져옵니다.
그 후, 취득 페이지의 데이터가 천이 전의 페이지와 동일한 것이 있...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
$ psql
psql (9.6.8)
Type "help" for help.
postgres=# select version();
version
----------------------------------------------------------------------------------------------------------------------------------------------
PostgreSQL 9.6.8 on x86_64-pc-linux-gnu (Ubuntu 9.6.8-1.pgdg16.04+1), compiled by gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609, 64-bit
(1 row)
postgres=#
pgAudit versions relate to PostgreSQL major versions as follows:
pgAudit v1.3.X is intended to support PostgreSQL 11. pgAudit v1.2.X is intended to support PostgreSQL 10. pgAudit v1.1.X is intended to support PostgreSQL 9.6. pgAudit v1.0.X is intended to support PostgreSQL 9.5.
# su - postgres
$ wget https://github.com/pgaudit/pgaudit/archive/1.1.1.zip
$ unzip 1.1.1.zip
$ ls -l
total 172
-rw-rw-r-- 1 postgres postgres 35875 Dec 19 14:28 1.1.1.zip
drwxr-xr-x 3 postgres postgres 4096 Nov 7 09:02 9.6
drwxrwxr-x 5 postgres postgres 4096 Jun 27 2017 pgaudit-1.1.1
$ cd pgaudit-1.1.1
$ make USE_PGXS=1
gcc -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -pie -fno-omit-frame-pointer -fPIC -I. -I./ -I/usr/include/postgresql/9.6/server -I/usr/include/postgresql/internal -Wdate-time -D_FORTIFY_SOURCE=2 -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/include/mit-krb5 -c -o pgaudit.o pgaudit.c
In file included from /usr/include/postgresql/9.6/server/libpq/auth.h:17:0,
from pgaudit.c:26:
/usr/include/postgresql/9.6/server/libpq/libpq-be.h:36:27: fatal error: gssapi/gssapi.h: No such file or directory
compilation terminated.
: recipe for target 'pgaudit.o' failed
make: *** [pgaudit.o] Error 1
메이크 타임즈 오류를 냈는데 가방이 부족해서 그런 거예요.
$ sudo apt install libkrb5-dev
postgresql은 apt install로 설치되어 있기 때문에 루트 권한을 사용하려면make install
$ make USE_PGXS=1
$ sudo make install USE_PGXS=1
설치 후 파일 목록 보기
$ ls -l /usr/lib/postgresql/9.6/lib |grep -i audit
-rwxr-xr-x 1 root root 103024 Dec 19 14:49 pgaudit.so
$ ls -l /usr/share/postgresql/9.6/extension |grep -i audit
-rw-r--r-- 1 root root 248 Dec 19 14:49 pgaudit--1.0--1.1.1.sql
-rw-r--r-- 1 root root 615 Dec 19 14:49 pgaudit--1.1.1.sql
-rw-r--r-- 1 root root 145 Dec 19 14:49 pgaudit.control
이제 설치가 완료되었습니다.
pgaudit 만들기 $ vi /etc/postgresql/9.6/main/postgresql.conf
shared_preload_libraries = 'pgaudit,pg_stat_statements'
$ sudo /etc/init.d/postgresql restart
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# select * from pg_available_extensions where name like '%audit%';
name | default_version | installed_version | comment
---------+-----------------+-------------------+---------------------------------
pgaudit | 1.1.1 | | provides auditing functionality
(1 row)
postgres=#
postgres=# create extension pgaudit;
이로써
pgaudit의 매개 변수 postgres=# select name,setting from pg_settings where name like 'pgaudit%';
name | setting
----------------------------+---------
pgaudit.log | none
pgaudit.log_catalog | on
pgaudit.log_client | off
pgaudit.log_level | log
pgaudit.log_parameter | off
pgaudit.log_relation | off
pgaudit.log_statement_once | off
pgaudit.role |
(8 rows)
$ vi /etc/postgresql/9.6/main/postgresql.conf
pgaudit.log = 'all, -misc'
pgaudit.log_catalog = on
pgaudit.log_client = on
pgaudit.log_level = log
pgaudit.log_parameter = on
pgaudit.log_relation = on
pgaudit.log_statement_once = on
이 몇 개의 매개 변수가 대표하는 의미를 자세히 보아라.
생성된 로그 보기
set create table insert into select
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# set pgaudit.log = 'all, -misc';
postgres=# create table account
(
id int,
name text,
password text,
description text
);
postgres=# insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');
postgres=# select * from account;
해당 로그2018-12-19 15:20:29.386 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,6,"idle",2018-12-19 15:17:27 CST,2/36,0,LOG,00000,"statement: set pgaudit.log = 'all, -misc';",,,,,,,,,"psql"
2018-12-19 15:20:41.707 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,7,"idle",2018-12-19 15:17:27 CST,2/37,0,LOG,00000,"statement: create table account
(
id int,
name text,
password text,
description text
);",,,,,,,,,"psql"
2018-12-19 15:20:41.748 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,8,"CREATE TABLE",2018-12-19 15:17:27 CST,2/37,454353307,LOG,00000,"AUDIT: SESSION,2,1,DDL,CREATE TABLE,TABLE,public.account,""create table account
(
id int,
name text,
password text,
description text
);"",",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,9,"idle",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"statement: insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,10,"INSERT",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"AUDIT: SESSION,3,1,WRITE,INSERT,TABLE,public.account,""insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');"",",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,11,"idle",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"statement: select * from account;",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,12,"SELECT",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"AUDIT: SESSION,4,1,READ,SELECT,TABLE,public.account,select * from account;,",,,,,,,,,"psql"
AUDIT 단어 찾기
update create index delete truncate drop table
postgres=# update account set name='user2' where id=1;
postgres=# create index idx_account_x1 on account(id);
postgres=# delete from account where id=1;
postgres=# truncate table account;
postgres=# drop table account;
2018-12-19 15:27:01.672 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,2,"authentication",2018-12-19 15:27:01 CST,3/111,0,LOG,00000,"connection authorized: user=postgres database=postgres",,,,,,,,,""
2018-12-19 15:27:01.673 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,3,"idle",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"statement: select pg_is_in_recovery(); ",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,4,"SELECT",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"AUDIT: SESSION,1,1,READ,SELECT,,,select pg_is_in_recovery(); ,",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,5,"idle",2018-12-19 15:27:01 CST,,0,LOG,00000,"disconnection: session time: 0:00:00.003 user=postgres database=postgres host=[local]",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,13,"idle",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"statement: update account set name='user2' where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,14,"UPDATE",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"AUDIT: SESSION,5,1,WRITE,UPDATE,TABLE,public.account,update account set name='user2' where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:13.902 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,15,"idle",2018-12-19 15:17:27 CST,2/41,0,LOG,00000,"statement: create index idx_account_x1 on account(id);",,,,,,,,,"psql"
2018-12-19 15:27:13.908 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,16,"CREATE INDEX",2018-12-19 15:17:27 CST,2/41,454353310,LOG,00000,"AUDIT: SESSION,6,1,DDL,CREATE INDEX,INDEX,public.idx_account_x1,create index idx_account_x1 on account(id);,",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,17,"idle",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"statement: delete from account where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,18,"DELETE",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"AUDIT: SESSION,7,1,WRITE,DELETE,TABLE,public.account,delete from account where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:24.831 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,19,"idle",2018-12-19 15:17:27 CST,2/43,0,LOG,00000,"statement: truncate table account;",,,,,,,,,"psql"
2018-12-19 15:27:24.851 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,20,"TRUNCATE TABLE",2018-12-19 15:17:27 CST,2/43,454353312,LOG,00000,"AUDIT: SESSION,8,1,WRITE,TRUNCATE TABLE,,,truncate table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.207 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,21,"idle",2018-12-19 15:17:27 CST,2/44,0,LOG,00000,"statement: drop table account;",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,22,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,TABLE,public.account,drop table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,23,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,INDEX,public.idx_account_x1,,",,,,,,,,,"psql"
참조:https://www.pgaudit.org/
https://github.com/pgaudit/pgaudit https://github.com/pgaudit/pgaudit/blob/master/README.md
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
Rails Turbolinks를 페이지 단위로 비활성화하는 방법
원래 Turobolinks란?
Turbolinks는 링크를 생성하는 요소인 a 요소의 클릭을 후크로 하고,
이동한 페이지를 Ajax에서 가져옵니다.
그 후, 취득 페이지의 데이터가 천이 전의 페이지와 동일한 것이 있...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.
$ vi /etc/postgresql/9.6/main/postgresql.conf
shared_preload_libraries = 'pgaudit,pg_stat_statements'
$ sudo /etc/init.d/postgresql restart
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# select * from pg_available_extensions where name like '%audit%';
name | default_version | installed_version | comment
---------+-----------------+-------------------+---------------------------------
pgaudit | 1.1.1 | | provides auditing functionality
(1 row)
postgres=#
postgres=# create extension pgaudit;
postgres=# select name,setting from pg_settings where name like 'pgaudit%';
name | setting
----------------------------+---------
pgaudit.log | none
pgaudit.log_catalog | on
pgaudit.log_client | off
pgaudit.log_level | log
pgaudit.log_parameter | off
pgaudit.log_relation | off
pgaudit.log_statement_once | off
pgaudit.role |
(8 rows)
$ vi /etc/postgresql/9.6/main/postgresql.conf
pgaudit.log = 'all, -misc'
pgaudit.log_catalog = on
pgaudit.log_client = on
pgaudit.log_level = log
pgaudit.log_parameter = on
pgaudit.log_relation = on
pgaudit.log_statement_once = on
이 몇 개의 매개 변수가 대표하는 의미를 자세히 보아라.
생성된 로그 보기
set create table insert into select
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# set pgaudit.log = 'all, -misc';
postgres=# create table account
(
id int,
name text,
password text,
description text
);
postgres=# insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');
postgres=# select * from account;
해당 로그2018-12-19 15:20:29.386 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,6,"idle",2018-12-19 15:17:27 CST,2/36,0,LOG,00000,"statement: set pgaudit.log = 'all, -misc';",,,,,,,,,"psql"
2018-12-19 15:20:41.707 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,7,"idle",2018-12-19 15:17:27 CST,2/37,0,LOG,00000,"statement: create table account
(
id int,
name text,
password text,
description text
);",,,,,,,,,"psql"
2018-12-19 15:20:41.748 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,8,"CREATE TABLE",2018-12-19 15:17:27 CST,2/37,454353307,LOG,00000,"AUDIT: SESSION,2,1,DDL,CREATE TABLE,TABLE,public.account,""create table account
(
id int,
name text,
password text,
description text
);"",",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,9,"idle",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"statement: insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,10,"INSERT",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"AUDIT: SESSION,3,1,WRITE,INSERT,TABLE,public.account,""insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');"",",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,11,"idle",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"statement: select * from account;",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,12,"SELECT",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"AUDIT: SESSION,4,1,READ,SELECT,TABLE,public.account,select * from account;,",,,,,,,,,"psql"
AUDIT 단어 찾기
update create index delete truncate drop table
postgres=# update account set name='user2' where id=1;
postgres=# create index idx_account_x1 on account(id);
postgres=# delete from account where id=1;
postgres=# truncate table account;
postgres=# drop table account;
2018-12-19 15:27:01.672 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,2,"authentication",2018-12-19 15:27:01 CST,3/111,0,LOG,00000,"connection authorized: user=postgres database=postgres",,,,,,,,,""
2018-12-19 15:27:01.673 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,3,"idle",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"statement: select pg_is_in_recovery(); ",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,4,"SELECT",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"AUDIT: SESSION,1,1,READ,SELECT,,,select pg_is_in_recovery(); ,",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,5,"idle",2018-12-19 15:27:01 CST,,0,LOG,00000,"disconnection: session time: 0:00:00.003 user=postgres database=postgres host=[local]",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,13,"idle",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"statement: update account set name='user2' where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,14,"UPDATE",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"AUDIT: SESSION,5,1,WRITE,UPDATE,TABLE,public.account,update account set name='user2' where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:13.902 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,15,"idle",2018-12-19 15:17:27 CST,2/41,0,LOG,00000,"statement: create index idx_account_x1 on account(id);",,,,,,,,,"psql"
2018-12-19 15:27:13.908 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,16,"CREATE INDEX",2018-12-19 15:17:27 CST,2/41,454353310,LOG,00000,"AUDIT: SESSION,6,1,DDL,CREATE INDEX,INDEX,public.idx_account_x1,create index idx_account_x1 on account(id);,",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,17,"idle",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"statement: delete from account where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,18,"DELETE",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"AUDIT: SESSION,7,1,WRITE,DELETE,TABLE,public.account,delete from account where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:24.831 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,19,"idle",2018-12-19 15:17:27 CST,2/43,0,LOG,00000,"statement: truncate table account;",,,,,,,,,"psql"
2018-12-19 15:27:24.851 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,20,"TRUNCATE TABLE",2018-12-19 15:17:27 CST,2/43,454353312,LOG,00000,"AUDIT: SESSION,8,1,WRITE,TRUNCATE TABLE,,,truncate table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.207 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,21,"idle",2018-12-19 15:17:27 CST,2/44,0,LOG,00000,"statement: drop table account;",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,22,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,TABLE,public.account,drop table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,23,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,INDEX,public.idx_account_x1,,",,,,,,,,,"psql"
참조:https://www.pgaudit.org/
https://github.com/pgaudit/pgaudit https://github.com/pgaudit/pgaudit/blob/master/README.md
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
Rails Turbolinks를 페이지 단위로 비활성화하는 방법
원래 Turobolinks란?
Turbolinks는 링크를 생성하는 요소인 a 요소의 클릭을 후크로 하고,
이동한 페이지를 Ajax에서 가져옵니다.
그 후, 취득 페이지의 데이터가 천이 전의 페이지와 동일한 것이 있...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.
$ psql
psql (9.6.8)
Type "help" for help.
postgres=#
postgres=# set pgaudit.log = 'all, -misc';
postgres=# create table account
(
id int,
name text,
password text,
description text
);
postgres=# insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');
postgres=# select * from account;
2018-12-19 15:20:29.386 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,6,"idle",2018-12-19 15:17:27 CST,2/36,0,LOG,00000,"statement: set pgaudit.log = 'all, -misc';",,,,,,,,,"psql"
2018-12-19 15:20:41.707 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,7,"idle",2018-12-19 15:17:27 CST,2/37,0,LOG,00000,"statement: create table account
(
id int,
name text,
password text,
description text
);",,,,,,,,,"psql"
2018-12-19 15:20:41.748 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,8,"CREATE TABLE",2018-12-19 15:17:27 CST,2/37,454353307,LOG,00000,"AUDIT: SESSION,2,1,DDL,CREATE TABLE,TABLE,public.account,""create table account
(
id int,
name text,
password text,
description text
);"",",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,9,"idle",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"statement: insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');",,,,,,,,,"psql"
2018-12-19 15:20:49.530 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,10,"INSERT",2018-12-19 15:17:27 CST,2/38,0,LOG,00000,"AUDIT: SESSION,3,1,WRITE,INSERT,TABLE,public.account,""insert into account (id, name, password, description)
values (1, 'user1', 'HASH1', 'blah, blah');"",",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,11,"idle",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"statement: select * from account;",,,,,,,,,"psql"
2018-12-19 15:20:57.948 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,12,"SELECT",2018-12-19 15:17:27 CST,2/39,0,LOG,00000,"AUDIT: SESSION,4,1,READ,SELECT,TABLE,public.account,select * from account;,",,,,,,,,,"psql"
postgres=# update account set name='user2' where id=1;
postgres=# create index idx_account_x1 on account(id);
postgres=# delete from account where id=1;
postgres=# truncate table account;
postgres=# drop table account;
2018-12-19 15:27:01.672 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,2,"authentication",2018-12-19 15:27:01 CST,3/111,0,LOG,00000,"connection authorized: user=postgres database=postgres",,,,,,,,,""
2018-12-19 15:27:01.673 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,3,"idle",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"statement: select pg_is_in_recovery(); ",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,4,"SELECT",2018-12-19 15:27:01 CST,3/112,0,LOG,00000,"AUDIT: SESSION,1,1,READ,SELECT,,,select pg_is_in_recovery(); ,",,,,,,,,,"psql"
2018-12-19 15:27:01.674 CST,"postgres","postgres",10963,"[local]",5c19f2c5.2ad3,5,"idle",2018-12-19 15:27:01 CST,,0,LOG,00000,"disconnection: session time: 0:00:00.003 user=postgres database=postgres host=[local]",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,13,"idle",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"statement: update account set name='user2' where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:08.112 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,14,"UPDATE",2018-12-19 15:17:27 CST,2/40,0,LOG,00000,"AUDIT: SESSION,5,1,WRITE,UPDATE,TABLE,public.account,update account set name='user2' where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:13.902 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,15,"idle",2018-12-19 15:17:27 CST,2/41,0,LOG,00000,"statement: create index idx_account_x1 on account(id);",,,,,,,,,"psql"
2018-12-19 15:27:13.908 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,16,"CREATE INDEX",2018-12-19 15:17:27 CST,2/41,454353310,LOG,00000,"AUDIT: SESSION,6,1,DDL,CREATE INDEX,INDEX,public.idx_account_x1,create index idx_account_x1 on account(id);,",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,17,"idle",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"statement: delete from account where id=1;",,,,,,,,,"psql"
2018-12-19 15:27:19.215 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,18,"DELETE",2018-12-19 15:17:27 CST,2/42,0,LOG,00000,"AUDIT: SESSION,7,1,WRITE,DELETE,TABLE,public.account,delete from account where id=1;,",,,,,,,,,"psql"
2018-12-19 15:27:24.831 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,19,"idle",2018-12-19 15:17:27 CST,2/43,0,LOG,00000,"statement: truncate table account;",,,,,,,,,"psql"
2018-12-19 15:27:24.851 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,20,"TRUNCATE TABLE",2018-12-19 15:17:27 CST,2/43,454353312,LOG,00000,"AUDIT: SESSION,8,1,WRITE,TRUNCATE TABLE,,,truncate table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.207 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,21,"idle",2018-12-19 15:17:27 CST,2/44,0,LOG,00000,"statement: drop table account;",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,22,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,TABLE,public.account,drop table account;,",,,,,,,,,"psql"
2018-12-19 15:27:30.238 CST,"postgres","postgres",10371,"[local]",5c19f087.2883,23,"DROP TABLE",2018-12-19 15:17:27 CST,2/44,454353313,LOG,00000,"AUDIT: SESSION,9,1,DDL,DROP TABLE,INDEX,public.idx_account_x1,,",,,,,,,,,"psql"
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
Rails Turbolinks를 페이지 단위로 비활성화하는 방법원래 Turobolinks란? Turbolinks는 링크를 생성하는 요소인 a 요소의 클릭을 후크로 하고, 이동한 페이지를 Ajax에서 가져옵니다. 그 후, 취득 페이지의 데이터가 천이 전의 페이지와 동일한 것이 있...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.