(refactored branche) Even if you specify WARNING as the level of the output section, the log level of the audit log is LOG instead of WARNING.

[harada-toshi]

Overview

• Even if you specify WARNING as the level of the output section, the log level of the audit log is LOG instead of WARNING.
• Looking at the startup log, even when WARNING is specified, it is displayed as LOG: log_level = 15.
• At present, is level setting unimplemented?

config file sample

[output]
        logger = 'serverlog'
        level   = 'WARNING'

[option]
        role = 'auditor'

[rule]
        format = '%t,%d,%u,%p,%v,%statement_id,%sub_statement_id,%class,%command_tag,%object_type,%object_name,%command_text'
        class = 'READ,WRITE,DDL,ROLE,FUNCTION,MISC'

PostgreSQL Launch Log

$ pg_ctl -w -D ~/pgdata/9.6-pgaudit/ start
waiting for server to start....LOG:  log_catalog = 1
LOG:  log_level_string = (null)
LOG:  log_level = 15
LOG:  log_parameter = 0
LOG:  log_statement_once = 0
LOG:  log_for_test = 0
LOG:  role = auditor
LOG:  logger = serverlog
LOG:  facility = (null)
LOG:  priority = (null)
LOG:  ident = (null)
LOG:  option = (null)
LOG:  pathlog = (null)
LOG:  Rule 0
LOG:      BMP class = 500
LOG:  pgaudit extension initialized
LOG:  redirecting log output to logging collector process
HINT:  Future log output will appear in directory "pg_log".
 done
server started

Executed SQL

$ psql postgres -U postgres -c "SHOW log_min_messages"
 log_min_messages
------------------
 warning
(1 row)

Audit Log

LOG:  connection authorized: user=postgres database=postgres
LOG:  AUDIT: SESSION,1,1,MISC,2017-03-01 15:31:31 JST,postgres,postgres,[local],psql,2/17,0,,,SHOW,,,SHOW log_min_messages,<not logged>
LOG:  disconnection: session time: 0:00:00.012 user=postgres database=postgres host=[local]

[MasahikoSawada]

Thank you for reporting!

We can specify log level of audit log to the sever log by setting log_level parameter in option section, not level parameter in output section. Please try to set log_level = 'WARNING' in option section.

Also, pgaudit configuration parameters are always shown in LOG level, which is intentional, because these information is not audit information.

[harada-toshi]

OK. We confirmed that audit log is output as WARNING by setting log_level = 'WARNING' in option section.

• Config file

  
  [output]
      logger = 'serverlog'

[option] log_level = 'WARNING' role = 'auditor'

[rule] format = '%t,%d,%u,%p,%v,%statement_id,%sub_statement_id,%class,%command_tag,%object_type,%object_name,%command_text' class = 'READ,WRITE,DDL,ROLE,FUNCTION,MISC'

* Audit Log.

WARNING: AUDIT: SESSION,1,1,READ,2017-03-01 19:16:34 JST,postgres,postgres,[local],psql,2/3,0,,,SELECT,,,SELECT 1,

[MasahikoSawada]

Thank you for checking, close.