(refactored branch) Even if you specify a command_tag filter, not filtered.

[harada-toshi]

Overview

• Even if you specify a command_tag filter, not filtered.
• In Readme.md, command_tag is described as an item that can be designated as a filter.
• Writing command_tag = '...' in the configuration file does not cause an error in the configuration file.
• However, this filter is not working in the current version. Even if you specify it, all command tags are output.

Config file

[output]
        logger = 'serverlog'

# SQL(1)
[rule]
        command_tag = 'SELECT'
        class = 'READ,WRITE,DDL,MISC'

Executed SQL

CREATE TABLE IF NOT EXISTS foo(id int, data text);
BEGIN;
INSERT INTO foo VALUES (1, 'aaa');
TABLE foo;
UPDATE foo SET data = 'AAA' WHERE id = 1;
SELECT * FROM foo;
DELETE FROM foo;
TRUNCATE foo;
COMMIT;
DROP TABLE foo;

Log.

LOG:  log_catalog = 1
LOG:  log_level_string = (null)
LOG:  log_level = 15
LOG:  log_parameter = 0
LOG:  log_statement_once = 0
LOG:  log_for_test = 0
LOG:  role =
LOG:  logger = serverlog
LOG:  facility = (null)
LOG:  priority = (null)
LOG:  ident = (null)
LOG:  option = (null)
LOG:  pathlog = (null)
LOG:  Rule 0
LOG:      BMP class = 356
LOG:      STR command_tag = select
LOG:  pgaudit extension initialized
LOG:  database system was shut down at 2017-03-07 15:00:19 JST
LOG:  MultiXact member wraparound protections are now enabled
LOG:  database system is ready to accept connections
LOG:  autovacuum launcher started
LOG:  connection received: host=[local]
LOG:  connection authorized: user=postgres database=postgres
LOG:  AUDIT: SESSION,1,1,DDL,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/2,2358,,,CREATE TABLE,TABLE,public.foo,"CREATE TABLE IF NOT EXISTS foo(id int, data text);",<not logged>
LOG:  AUDIT: SESSION,2,1,MISC,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,0,,,BEGIN,,,BEGIN;,<not logged>
LOG:  AUDIT: SESSION,3,1,WRITE,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,0,,,INSERT,TABLE,public.foo,"INSERT INTO foo VALUES (1, 'aaa');",<not logged>
LOG:  AUDIT: SESSION,4,1,READ,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,2359,,,SELECT,TABLE,public.foo,TABLE foo;,<not logged>
LOG:  AUDIT: SESSION,5,1,WRITE,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,2359,,,UPDATE,TABLE,public.foo,UPDATE foo SET data = 'AAA' WHERE id = 1;,<not logged>
LOG:  AUDIT: SESSION,6,1,READ,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,2359,,,SELECT,TABLE,public.foo,SELECT * FROM foo;,<not logged>
LOG:  AUDIT: SESSION,7,1,WRITE,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,2359,,,DELETE,TABLE,public.foo,DELETE FROM foo;,<not logged>
LOG:  AUDIT: SESSION,8,1,WRITE,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,2359,,,TRUNCATE TABLE,,,TRUNCATE foo;,<not logged>
LOG:  AUDIT: SESSION,9,1,MISC,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/3,2359,,,COMMIT,,,COMMIT;,<not logged>
LOG:  AUDIT: SESSION,10,1,DDL,2017-03-07 15:00:24 JST,postgres,postgres,[local],psql,2/4,2360,,,DROP TABLE,TABLE,public.foo,DROP TABLE foo;,<not logged>
LOG:  disconnection: session time: 0:00:00.053 user=postgres database=postgres host=[local]

• In this verification, we expected only the SELECT command to be output to the audit log.
• SQL commands with command tags INSERT and DELETE are also output in the audit log.

[MasahikoSawada]

Yeah, command_tag is not implemented yet because it's similar to class. But I know this is useful for users who want to filter by particular command. It's listed as a ToDo item.

[harada-toshi]

OK. If it is already registered in the ToDo item, we will treat this issue as closed.