Updated on 2024-05-07 GMT+08:00

Audit Switch

audit_enabled

Parameter description: Specifies whether to enable or disable the audit process. After the audit process is enabled, the auditing information written by the background process can be read from the pipe and written into audit files.

This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: Boolean

  • on indicates that the auditing function is enabled.
  • off indicates that the auditing function is disabled.

Default value: on

audit_directory

Parameter description: Specifies the storage directory of audit files. The value can be a path relative to the data directory or an absolute path. Only user sysadmin can access this parameter.

This parameter is a POSTMASTER parameter. Set it based on instructions provided in Table 1.

Value range: a string.

Default value: pg_audit. If om is used for cluster deployment, audit logs are stored in $GAUSSLOG/pg_audit/Instance name.

  • You need to set different audit file directories for different CNs or DNs. Otherwise, audit logs will be abnormal.
  • If the value of audit_directory in the configuration file is an invalid path, the audit function cannot be used.
  • Valid path: Users have read and write permissions on the path.
  • Invalid path: Users do not have read or write permissions on the path.

audit_data_format

Parameter description: Specifies the format of audit log files. Currently, only the binary format is supported. Only user sysadmin can access this parameter.

This parameter is a POSTMASTER parameter. Set it based on instructions provided in Table 1.

Value range: a string.

Default value: binary

audit_rotation_interval

Parameter description: Specifies the interval of creating an audit log file. If the difference between the current time and the time when the previous audit log file is created is greater than the value of audit_rotation_interval, a new audit log file will be generated.

This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: an integer ranging from 1 to 35791394. The unit is min.

Default value: 1d

Adjust this parameter only when required. Otherwise, audit_resource_policy may fail to take effect. To control the storage space and time of audit logs, set the audit_resource_policy, audit_space_limit, and audit_file_remain_time parameters.

audit_rotation_size

Parameter description: Specifies the maximum capacity of an audit log file. If the total number of messages in an audit log exceeds the value of audit_rotation_size, the server will generate a new audit log file.

This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: an integer ranging from 1024 to 1048576. The unit is KB.

Default value: 10 MB

  • Do not adjust this parameter unless necessary. Otherwise, audit_resource_policy may fail to take effect. To control the storage space and time of audit logs, set the audit_resource_policy, audit_space_limit, and audit_file_remain_time parameters.
  • If the space occupied by a single record in an audit log file exceeds the value of this parameter, the log file is regarded as an invalid log file.

audit_resource_policy

Parameter description: Specifies the policy for determining whether audit logs are preferentially stored by space or time.

This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: Boolean

  • on indicates that audit logs are preferentially stored by space. A maximum of audit_space_limit logs can be stored.
  • off indicates that audit logs are preferentially stored by time. A minimum duration of audit_file_remain_time logs must be stored.

Default value: on

audit_file_remain_time

Parameter description: Specifies the minimum duration required for recording audit logs. This parameter is valid only when audit_resource_policy is set to off.

This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: an integer ranging from 0 to 730. The unit is day. 0 indicates that the storage duration is not limited.

Default value: 90

audit_space_limit

Parameter description: Specifies the total disk space occupied by audit files.

This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: an integer ranging from 1024 KB to 1024 GB. The unit is KB.

Default value: 1 GB

  • This parameter takes effect only for a single process instance folder in the pg_audit directory. By default, the total disk space occupied by audit files on each CN or DN is 1 GB.
  • In the multi-audit thread scenario, the minimum disk space occupied by audit files is the product of values of audit_thread_num and audit_rotation_size. If the value of this parameter is too small, the disk space occupied by audit files may exceed the value of this parameter.

audit_file_remain_threshold

Parameter description: Specifies the maximum number of audit files in the audit directory.

This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: an integer ranging from 100 to 1048576.

Default value: 1048576

  • Ensure that this parameter is set to 1048576. Do not adjust this parameter unless necessary. Otherwise, audit_resource_policy may fail to take effect. To control the storage space and time of audit logs, set the audit_resource_policy, audit_space_limit, and audit_file_remain_time parameters.
  • In the multi-audit thread scenario, do not adjust this parameter unless necessary. Ensure that the value of this parameter is greater than or equal to the value of audit_thread_num. Otherwise, the audit function cannot be used and the database is abnormal.

audit_thread_num

Parameter description: Specifies the number of audit threads.

This parameter is a POSTMASTER parameter. Set it based on instructions provided in Table 1.

Value range: an integer ranging from 1 to 48.

Default value: 1

When audit_dml_state is enabled and high performance is required, you are advised to increase the value of this parameter to ensure that audit messages can be processed and recorded in a timely manner.
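The ranges and cross-parameter constraints above can be checked before a configuration change is rolled out. The following is an added example, not part of the product documentation: the `key = value` file syntax, the KB/MB/GB suffix handling, and the function names `parse` and `check` are assumptions made for illustration.

```python
import re

# Constructed sample; the "key = value" syntax and unit suffixes are assumptions.
SAMPLE = """
audit_thread_num = 8
audit_rotation_size = 256MB
audit_space_limit = 1GB
"""
UNIT_KB = {"KB": 1, "MB": 1024, "GB": 1024 * 1024}
# Inclusive ranges and defaults documented on this page (sizes in KB).
RANGES = {"audit_rotation_size": (1024, 1048576), "audit_thread_num": (1, 48),
          "audit_space_limit": (1024, 1024 ** 3),
          "audit_file_remain_threshold": (100, 1048576),
          "audit_file_remain_time": (0, 730)}
DEFAULTS = {"audit_enabled": "on", "audit_rotation_size": "10MB",
            "audit_space_limit": "1GB", "audit_file_remain_threshold": "1048576",
            "audit_file_remain_time": "90", "audit_thread_num": "1"}

def to_number(raw):
    # Plain integers pass through; size suffixes are converted to KB.
    m = re.fullmatch(r"(\d+)\s*(KB|MB|GB)?", raw.strip(), re.IGNORECASE)
    if not m:
        raise ValueError(f"unparseable value: {raw!r}")
    return int(m.group(1)) * UNIT_KB[(m.group(2) or "KB").upper()]

def parse(text):
    cfg = dict(DEFAULTS)  # settings the file omits keep the documented default
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            cfg[key] = value.strip("'\"")
    return cfg

def check(cfg):
    findings = []
    if cfg["audit_enabled"] != "on":
        findings.append("audit_enabled is not on: the auditing function is disabled")
    num = {key: to_number(cfg[key]) for key in RANGES}
    for key, (low, high) in RANGES.items():
        if not low <= num[key] <= high:
            findings.append(f"{key}={cfg[key]} is outside {low}..{high}")
    floor_kb = num["audit_thread_num"] * num["audit_rotation_size"]
    if num["audit_space_limit"] < floor_kb:
        findings.append(f"audit_space_limit is below audit_thread_num * audit_rotation_size ({floor_kb} KB)")
    if num["audit_file_remain_threshold"] != 1048576:
        findings.append("audit_file_remain_threshold is not 1048576: audit_resource_policy may fail to take effect")
    return findings
```

Calling `check(parse(SAMPLE))` reports that eight audit threads with 256 MB files need at least 2097152 KB, which is more than the 1 GB audit_space_limit.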