Shadow Tables vers PGAudit
I have been a PostgreSQL administrator since 2002 and have worked for Fred Hutchinson Cancer Research Center for the last 10+ years. Within Fred Hutch, I work for the largest group called SCHARP, Statistical Center for HIV/AIDS Research and Prevention.
In 2010 I started SeaPUG, Seattle Postgres Users Group, at the request of Josh Drake. I present at least half the presentations there every year. I started the PostgreSQL track at LinuxFest Northwest in 2014 after my GIS presentation in 2013 was standing room only. In 2017 I got a booth at the SeaGL, Seattle GNU Linux, conference with the idea of having a booth there in 2018 along with also doing a PostgreSQL presentation at the conference. In 2017 I started presenting at various PostgresConf Conferences.
I have also discovered several PostgreSQL bugs which have been fixed, some of them affected every version of PostgreSQL.
- 7553 - Variant of the what alias to use after a rename bug in views - Fixed in 9.3
- 8173 - Inserting heap tuples in bulk in COPY patch return wrong line on failure 999 out of 1000 times. - Fixed in 9.2.5 & 9.3
- 8257 - Multi-Core Restore fails when containing index comments - Fixed in 8.4, 9.0, 9.1, 9.2, 9.3
- 8291 - postgres_fdw does not re-read USER MAPING after change - Updated Docs in 9.3
- 8545 - pg_dump does not backup database level globals - Fixed in 11
- 15182 - Major Bug - Patch in the works for all versions of PostgreSQL aka 9.3 - 10. Partially fixed in 10 and fully fixed in 11
- 15316 - Creation of check constraint functions that rely on data loaded alphabetically after your primary data will fail to restore properly.
I host the Seattle Postgres Users Group where I give many of the presentations. I have many of the presentations posted at Lloyd's Presentations
No video of the event yet, sorry!
A shadow table is an table that is read and written by a trigger function and contains data similar to (in the same format as) its primary table, which is the table it's "shadowing" along with a few extra fields so that you can time travel the shadow table and know who did what and when. In this presentation we will cover traditional Shadow Tables which works with all current version of Postgresql and all cloud providers vers PGAudit which required Postgres 9.5 or newer. PGAudit provide PostgreSQL users with capability to produce audit logs often required to comply with government, financial, or ISO certifications. While both provide similar things, they are drastically different in the goals and the outputs and what you can easily do with those outputs.
- Shadow Tables:
- Writing a Shadow Table Function
- Attaching the Function via a Trigger to a Normal Table
- Time Traveling your Shadow Table
- Capturing DDL Changes
- Compiling PG Audit
- Auditing Tables
- Auditing DDL
- Setting who can be audited
- Setting what can be audited
- Pros & Cons
- Shadow Tables
- Cloud Providers
- Amazon RDS Postgresql
- Amazon Aurora Postgresql
- Microsoft Azure Postgresql
- Google Postgresql
- Other Shadow Table Projects
THE SLIDES CAN BE FOUND HERE: http://lloyd.thealbins.com/ShadowTablesVersPGAudit
- 2019 March 22 14:00
- 50 min
- Riverside Ballroom
- Postgres Conference