How to enable fine grain auditing in EPAS V10.
Advanced Server allows database and security administrators, auditors, and operators to track and analyze database activities using the EDB Audit Logging functionality. EDB Audit Logging generates audit log files, which contains all of the relevant information. The audit logs can be configured to record information such as 1. When a role establishes a connection to an Advanced Server database 2. What database objects a role creates, modifies, or deletes when connected to Advanced Server 3. When any failed authentication attempts occur To enable audit logging you need to set audit logging parameters in postgresql.conf file which is located in the data directory. After enabling parameter you need to reload the cluster. you will find edb_audit directory under data directory where audit logs will be saved.
We can enable fine-grained audit logging feature from the EPAS V10. Below are the steps to enable fine-grained auditing in the EPASV10.
1. Go to the data directory of your cluster.
2. Enable audit related parameters in postgresql.conf file.
edb_audit = 'csv' # none, csv or xml
# These are only used if edb_audit is not none:
edb_audit_directory = 'edb_audit' # Directory where log files are written
# Can be absolute or relative to PGDATA
edb_audit_filename = 'audit-%Y-%m-%d_%H%M%S' # Audit file name pattern.
# Can include strftime() escapes
#edb_audit_rotation_day = 'every' # Automatic rotation of logfiles based
# on day of week. none, every, sun,
# mon, tue, wed, thu, fri, sat
#edb_audit_rotation_size = 0 # Automatic rotation of logfiles will
# happen after this many megabytes (MB)
# of log output. 0 to disable.
#edb_audit_rotation_seconds = 0 # Automatic log file rotation will
# happen after this many seconds.
edb_audit_connect = 'all' # none, failed, all
edb_audit_disconnect = 'all' # none, all
edb_audit_statement = 'ddl,dml' #none, dml, insert, update, delete, truncate,
# select, error, rollback, ddl, create, drop,
# alter, grant, revoke, all
3. Reload the database cluster.
4. Log in to Database cluster and check audit files are generated.
Above steps will enable fine grain auditing in your cluster.
##Disable the fine grain auditing for a specific user.
Below command can be used to disable fine grain auditing for a specific user.