Security Auditing

Database auditing is a compliance-oriented management practice that performs fine-grained auditing of database operations, issues alerts for risky behaviors targeting the database, and blocks attack activities. By recording, analyzing, and reporting user access behaviors to the database, it helps users generate compliance reports and trace incidents back to their root causes after the fact, while also enhancing records of internal and external database network activities to improve data asset security.

log_xxx

The log_xxx series of parameters configures logging behavior, which helps with monitoring and debugging the running database. All database operations are recorded in the database's operational logs, which can then be analyzed to give early warning of dangerous behavior.

Configuration Parameters

logging_collector     -- Whether to enable the log collection switch; default is off, recommended on
log_destination       -- Log output type; default is stderr (only error output is logged), recommended csvlog; options include: stderr, csvlog, syslog, and eventlog
log_directory          -- Log directory; default is $PGDATA/pg_log
log_filename            -- Log filename; default is postgresql-%Y-%m-%d_%H%M%S.log
log_file_mode           -- Log file permissions; default is 0600
log_truncate_on_rotation  -- Default is off; when set to on, log rotation overwrites content (off = append, on = truncate then write)
log_rotation_age      -- Maximum duration for a single log file; default is 1d, also supports 1h, 1min, 1s
log_rotation_size       -- Maximum size for a single log file; default is 10MB
log_error_verbosity    -- Default is default; verbose means more detailed messages
log_connections    -- Whether to log when a user session logs in; default off, recommended on
log_disconnections -- Whether to log when a user session logs out; default off, recommended on
log_statement    -- Records various operations after a user logs into the database:
    none — no logging
    ddl — logs create, drop, and alter
    mod — logs ddl + insert, delete, update, and truncate
    all — logs mod + select
log_min_duration_statement = 2s   -- Logs SQL statements exceeding 2 seconds
log_checkpoints = on
log_lock_waits = on
deadlock_timeout = 1s

Configuration Example

The following is a configuration example. Add these parameters to the postgresql.conf file:

Note!
After modifying the postgresql.conf file, you must restart the YMatrix service for the configuration to take effect.

logging_collector = on
log_directory = 'pg_log'    # a directory name, relative to $PGDATA; 'stderr' is a log_destination value
log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log'
log_rotation_age = 1d
log_rotation_size = 10MB
log_truncate_on_rotation = off

log_statement = 'all'
log_min_duration_statement = 100    # milliseconds when no unit is given

log_connections = on
log_disconnections = on
log_lock_waits = on
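
One way to check a postgresql.conf against the audit settings recommended above, as an added example that is not part of the original page or of YMatrix's tooling. The `parse_conf` and `audit` helpers, the sample file, and the rule that audit logs should not be accessible beyond their owner are assumptions made for illustration.

```python
import re

LINE = re.compile(r"^\s*([A-Za-z_][\w.]*)(?:\s*=\s*|\s+)('(?:[^']|'')*'|[^#\s]+)")
TRUE = {"on", "true", "yes", "1"}
DESTINATIONS = {"stderr", "csvlog", "syslog", "eventlog"}  # listed on this page

def parse_conf(text):
    """Parse 'name = value' or 'name value' lines; '#' starts a comment, last entry wins."""
    settings = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            value = m.group(2)
            if value.startswith("'"):
                value = value[1:-1].replace("''", "'")
            settings[m.group(1).lower()] = value
    return settings

def audit(text):
    """List deviations from the audit settings this page recommends."""
    conf, findings = parse_conf(text), []
    for name in ("logging_collector", "log_connections", "log_disconnections"):
        if conf.get(name, "off").lower() not in TRUE:  # page: default is off
            findings.append(f"{name} should be on")
    stmt = conf.get("log_statement", "").lower()
    if stmt in ("", "none"):
        findings.append("log_statement is unset or none")
    elif stmt != "all":
        findings.append(f"log_statement = {stmt} does not record SELECT")
    mode = conf.get("log_file_mode", "0600")  # page: default is 0600
    bits = int(mode, 8) if mode.startswith("0") else int(mode)
    if bits & 0o077:  # assumed policy: no group/other access to audit logs
        findings.append(f"log_file_mode = {mode} grants access beyond the owner")
    if conf.get("log_directory", "").lower() in DESTINATIONS:
        findings.append("log_directory holds a log_destination value")
    return findings

# Constructed sample file, not taken from a real server.
SAMPLE = """\
logging_collector = on
log_connections = off      # weak: logins are not recorded
log_statement = 'ddl'
log_file_mode = 0640
log_directory = 'stderr'
log_connections on         # "=" is optional; this later entry wins
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

An empty list from `audit` means the file matches the recommendations; values set elsewhere (for example per session or per role) are not visible to a file check.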