PgAudit Installation and Configuration

PGAUDIT INSTALLATION AND CONFIGURATION:
Step 1: Download the pgaudit rpm file from below link
               https://yum.postgresql.org/9.5/redhat/rhel-7-x86_64/

pgaudit_95-1.0.4-1.rhel7.x86_64.rpm    
         
Step 2: After Postgres installation, we should configure the below steps:
·         Install the pgaudit rpm using below command:

rpm -ivh pgaudit_95-1.0.4-1.rhel7.x86_64.rpm

·         Creating soft link for pgaudit.so file:

cd /u01/postgres/9.5/lib/postgresql
ln -s /usr/pgsql-9.5/lib/pgaudit.so pgaudit.so

·         Copying the pgaudit—1.0.sql and pgaudit.control to extension directory given below:

cp -r /usr/pgsql-9.5/share/extension/pgaudit—-1.0.sql /u01/postgres/9.5/share/postgresql/extension
cp -r /usr/pgsql-9.5/share/extension/pgaudit.control /u01/postgres/9.5/share/postgresql/extension

·         Changing the permission for the files pgaudit—1.0.sql and pgaudit.control:

cd /u01/postgres/9.5/share/postgresql/extension/
chmod -R 644 pgaudit.control
chmod -R 644 pgaudit--1.0.sql

Step 3: Add below parameters in /u02/pgdata01/data/postgresql.conf file:

logging_collector = on
log_destination='syslog,csvlog'
log_statement=’DDL’
log_connections = on
log_disconnections = on
log_directory='/u01/pgaudit'
log_filename = 'postgres-%Y-%m-%d_%H%M%S.log'
shared_preload_libraries='pgaudit'
#pgaudit.log='DDL,ROLE'
pgaudit.log_catalog=on
pgaudit.log_level='log'
pgaudit.log_parameter=off
pgaudit.log_relation=off
pgaudit.log_statement_once=off
pgaudit.role=''
Step 4: Restart the PostgreSQL instance
pg_ctl restart -D /u02/pgdata01/data

Step5: Create the extensions on postgres & template1 databases.
$ psql
create extension pgaudit;

MACFEE POSTGRES AUDIT PLUGIN INSTALLATION AND CONFIGURATION:
Step 1: Unzip the distribution (postgresql-audit-9.5.0-1.0.2-68-linux-x86_64.zip). 

Install the files into the following directory:
cp pgaudit/audit.so /u01/postgres/9.5/lib/postgresql/
cp pgaudit/audit.control  /u01/postgres/9.5/share/postgresql/extension/
cp pgaudit/audit--1.0.sql  /u01/postgres/9.5/share/postgresql/extension/

Step 2: Edit the below parameters for configuring the postgres audit plugin in         /u02/pgdata01/data/postgresql.conf:
shared_preload_libraries='audit,pgaudit'
audit.json_file=1
audit.json_unix_socket=1
audit.json_file_name='/u02/pgdata01/data/audit.json'
audit.json_unix_socket_name='/var/run/db-audit/postgresql.audit__u02_pgdata01_data_5432'
audit.header_msg=on
audit.debug_logs=on
isecgaudit.debug_logs=1

Step 3: Restart the PostgreSQL instance
pg_ctl restart -D /u02/pgdata01/data


Subscribe to: Posts (Atom)